[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

isakmpd/vpn robustness

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: isakmpd/vpn robustness
From: "Russell P. Sutherland" <russ_(_at_)_quist_(_dot_)_ca>
Date: Thu, 23 Aug 2001 09:35:28 -0400
Organization: Quist Consulting

How robust is the OpenBSD IPSec/isakmpd software?

One would think that it should be possible to:

	1. kill `cat /var/run/isakmpd.pid`
	2. ipsecadm flush
	3. /sbin/isakmpd

Is this true or are there some other synchronization issues
that need to be considered?

I ask only because I have found emperically, that the
above method does not always work. In order to re-establish
the VPN tunnel I sometimes have to restart not only the 
peer isakmpd but also the process on the concentrator machine.
(I have a central VPN hub with two peers).

-- 
Quist Consulting		Email: russ_(_at_)_quist_(_dot_)_ca
219 Donlea Drive 		Voice: +1.416.696.7600
Toronto ON  M4G 2N1		Cell:  +1.416.803.0080
CANADA				WWW:   http://www.quist.ca

Prev by Date: Re: Serial console needed
Next by Date: Re: tekram dc-390u2w
Previous by thread: Halt at boot time (pctr line) after adding second hard disk
Next by thread: Re: tekram dc-390u2w
Index(es):
- Date
- Thread

Visit your host, monkey.org