Project

General

Profile

Actions

Bug #4665

closed

strongswan duplicates reqid at times, causing failures with multi-P2

Added by Chris Buechler over 9 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Very High
Assignee:
Ermal Luçi
Category:
IPsec
Target version:
Start date:
04/30/2015
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.2
Affected Architecture:

Description

Where a system has a number of P2s on a single P1 with IKEv1, strongswan at times assigns the same reqid across multiple SAs. This can exhibit itself as a pair of P2s where only one of the two functions, whichever has rekeyed most recently. Rekeying one breaks the one with the duplicate reqid.

This appears to be a race condition in strongswan. Possibly this:
https://wiki.strongswan.org/issues/431

Actions #1

Updated by Ermal Luçi over 9 years ago

  • Status changed from Confirmed to Feedback

The reqid is now removed and let to Strongswan to manage.
It seems to improve things.

Leaving as feedback to be checked over.

Actions #2

Updated by Chris Buechler over 9 years ago

  • Status changed from Feedback to Resolved

fixed

Actions

Also available in: Atom PDF