Re: [Users] Re: Pluto internal error

From: Norbert Wegener (nw_at_sbs.de)
Date: Wed Jul 31 2002 - 22:45:00 CEST

• Next message: Norbert Wegener: "Re: [Users] Re: Pluto internal error"
• Previous message: Corey Rogers: "[Users] Routing issues with FreeSWAN - Routes not in correct order of preference"
• In reply to: Andreas Steffen: "[Users] Re: Pluto internal error"
• Next in thread: Andreas Steffen: "Re: [Users] Re: Pluto internal error"
• Reply: Andreas Steffen: "Re: [Users] Re: Pluto internal error"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello,
here some addtional greps from the logs.
as you can see, the error occurs really often. All Ipsec SAs, which
cause problems, have been established a day earlier.(keylife=24.0h)
Maybe the problem occurs, because our customers use an Ippool of a
relative small ippool from a certain provider?
grep "cannot install eroute" messages
Jul 31 15:24:25 lnxe Pluto[13561]: "rest" xxx.yyy.100.141 #759: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.141 #215
Jul 31 15:25:39 lnxe Pluto[13561]: "rest" xxx.yyy.100.141 #761: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.141 #215
Jul 31 15:27:43 lnxe Pluto[13561]: "rest" xxx.yyy.100.141 #764: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.141 #215
Jul 31 15:32:38 lnxe Pluto[13561]: "rest" xxx.yyy.100.142 #771: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.142 #252
Jul 31 15:35:24 lnxe Pluto[13561]: "rest" xxx.yyy.100.142 #782: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.142 #252
Jul 31 15:36:58 lnxe Pluto[13561]: "rest" xxx.yyy.100.142 #787: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.142 #252
Jul 31 16:12:15 lnxe Pluto[13561]: "rest" xxx.yyy.100.148 #812: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.148 #524
Jul 31 16:16:10 lnxe Pluto[13561]: "rest" xxx.yyy.100.148 #815: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.148 #524
Jul 31 16:17:36 lnxe Pluto[13561]: "rest" xxx.yyy.100.148 #820: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.148 #524
Jul 31 16:18:03 lnxe Pluto[13561]: "rest" xxx.yyy.100.148 #822: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.148 #524
Jul 31 16:37:29 lnxe Pluto[13561]: "rest" xxx.yyy.100.155 #845: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.155 #598
Jul 31 16:44:27 lnxe Pluto[13561]: "rest" xxx.yyy.100.129 #861: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.129 #672
Jul 31 16:46:00 lnxe Pluto[13561]: "rest" xxx.yyy.100.129 #863: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.129 #672
Jul 31 16:50:24 lnxe Pluto[13561]: "rest" xxx.yyy.100.129 #869: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.129 #672

lnxe:/var/log # grep "#215" messages
Jul 31 15:24:25 lnxe Pluto[13561]: "rest" xxx.yyy.100.141 #759: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.141 #215
Jul 31 15:25:39 lnxe Pluto[13561]: "rest" xxx.yyy.100.141 #761: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.141 #215
Jul 31 15:27:43 lnxe Pluto[13561]: "rest" xxx.yyy.100.141 #764: cannot
install eroute -- it is in use for "rest" xxx.yyy.100.141 #215
Jul 31 16:48:17 lnxe Pluto[13561]: "rest" #215: deleting state
(STATE_QUICK_R2)

lnxe:/var/log # grep "#215" messages-20020731
Jul 30 18:01:04 lnxe Pluto[13561]: | creating state object #215 at
0x80b07f0
Jul 30 18:01:04 lnxe Pluto[13561]: | inserting event EVENT_SO_DISCARD,
timeout in 0 seconds for #215
Jul 30 18:01:04 lnxe Pluto[13561]: "rest" xxx.yyy.100.141 #215:
responding to Quick Mode
Jul 30 18:01:04 lnxe Pluto[13561]: | inserting event EVENT_RETRANSMIT,
timeout in 10 seconds for #215
Jul 30 18:01:04 lnxe Pluto[13561]: | next event EVENT_RETRANSMIT in 10
seconds for #215
Jul 30 18:01:05 lnxe Pluto[13561]: | state object #215 found, in
STATE_QUICK_R1
Jul 30 18:01:05 lnxe Pluto[13561]: | inserting event EVENT_SA_REPLACE,
timeout in 86130 seconds for #215
Jul 30 18:01:05 lnxe Pluto[13561]: "rest" xxx.yyy.100.141 #215: IPsec SA
established

lnxe:/var/log # grep "#252" messages-20020731
Jul 30 18:51:54 lnxe Pluto[13561]: | creating state object #252 at
0x80bfcb0
Jul 30 18:51:54 lnxe Pluto[13561]: | inserting event EVENT_SO_DISCARD,
timeout in 0 seconds for #252
Jul 30 18:51:54 lnxe Pluto[13561]: "rest" xxx.yyy.100.142 #252:
responding to Quick Mode
Jul 30 18:51:54 lnxe Pluto[13561]: | inserting event EVENT_RETRANSMIT,
timeout in 10 seconds for #252
Jul 30 18:51:54 lnxe Pluto[13561]: | state object #252 found, in
STATE_QUICK_R1
Jul 30 18:51:54 lnxe Pluto[13561]: "rest" xxx.yyy.100.142 #252:
up-client output:
Jul 30 18:51:54 lnxe Pluto[13561]: | inserting event EVENT_SA_REPLACE,
timeout in 86130 seconds for #252
Jul 30 18:51:54 lnxe Pluto[13561]: "rest" xxx.yyy.100.142 #252: IPsec SA
established

lnxe:/var/log # grep "#524" messages-20020731
Jul 30 11:45:48 lnxe Pluto[16164]: | creating state object #524 at
0x80ea2f0
Jul 30 11:45:48 lnxe Pluto[16164]: | inserting event EVENT_SO_DISCARD,
timeout in 0 seconds for #524
Jul 30 11:45:48 lnxe Pluto[16164]: "rest" xxx.yyy.100.129 #524:
responding to Quick Mode
Jul 30 11:45:48 lnxe Pluto[16164]: | inserting event EVENT_RETRANSMIT,
timeout in 10 seconds for #524
Jul 30 11:45:48 lnxe Pluto[16164]: | next event EVENT_RETRANSMIT in 10
seconds for #524
Jul 30 11:45:48 lnxe Pluto[16164]: | state object #524 found, in
STATE_QUICK_R1
Jul 30 11:45:48 lnxe Pluto[16164]: | inserting event EVENT_SA_REPLACE,
timeout in 86130 seconds for #524
Jul 30 11:45:48 lnxe Pluto[16164]: "rest" xxx.yyy.100.129 #524: IPsec SA
established
Jul 30 13:59:42 lnxe Pluto[16164]: "rest" #524: deleting state
(STATE_QUICK_R2)

Regards
Norbert

Andreas Steffen schrieb:
>
> How does the rekeying history of the owner of IPsec SA #122 look like?
> Did FreeS/WAN try to renew the IPSec SA when #122 was about to expire?
> Had the user already logged off by that time? Usually FreeS/WAN
> tries to renew the IPsec SA a certain number of times depending
> on the keyingtries parameter and when all these trials fail the
> connection is unrouted. Using Mathieu Lafon's delete notification
> patch a delete notification sent e.g. by SSH Sentinel when it is
> properly shut down is heeded by FreeS/WAN and leads to an
> automatic unrouting as soon as the remote client goes down.
>
> Regards
>
> Andreas

-- 
Norbert Wegener         Phone : (49) 201 2661 379
SBS Essen               Fax:    (49) 201 2661 377
Germany                 Mail:   nw_at_sbs.de
http://relax.sbs.de (intranet)

• application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature

_______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users

• Next message: Norbert Wegener: "Re: [Users] Re: Pluto internal error"
• Previous message: Corey Rogers: "[Users] Routing issues with FreeSWAN - Routes not in correct order of preference"
• In reply to: Andreas Steffen: "[Users] Re: Pluto internal error"
• Next in thread: Andreas Steffen: "Re: [Users] Re: Pluto internal error"
• Reply: Andreas Steffen: "Re: [Users] Re: Pluto internal error"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Aug 05 2002 - 21:01:35 CEST