Racoon stops without any cause
-
Kalu:
if you're sure that p1 & p2 settings are right, then this log doesn't say anything to me.
It just shows that it's not liking how the racoon itself works(or not) by killing that process. maybe some developers could help reading this log -
i have same issue :(
Racoon stop withou causes and drops all IPSEC tunnels.i am using Pfsense 2.0 RC3 and it happens without PPTP tunnel
this is my log, have you any hint ???
Sep 8 09:58:48 php: /status_services.php: Forcefully reloading IPsec racoon daemon [b]Sep 8 09:52:28 kernel: pid 23362 (racoon), uid 0: exited on signal 11 (core dumped)[/b] Sep 8 09:50:04 kernel: arp: 192.168.126.13 moved from 00:01:02:f9:ea:55 to 00:08:02:45:32:42 on le0 Sep 8 09:30:04 kernel: arp: 192.168.126.13 moved from 00:01:02:f9:ea:55 to 00:08:02:45:32:42 on le0 Sep 8 09:30:04 kernel: arp: 192.168.126.13 moved from 00:08:02:45:32:42 to 00:01:02:f9:ea:55 on le0 Sep 8 09:10:04 kernel: arp: 192.168.126.13 moved from 00:01:02:f9:ea:55 to 00:08:02:45:32:42 on le0S.
-
Hi there,
same issue for me : ~160 ipsec tunnels get stopped after some hours.
Could someone just paste the magic script to restart racoon if it's stopped (cron inside) ?edit : error message
Sep 17 08:33:49 pfsense kernel: pid 2238 (racoon), uid 0: exited on signal 11 (core dumped)Edit 2: new crash
System log message : Sep 17 19:07:56 kernel: pid 10333 (racoon), uid 0: exited on signal 11 (core dumped)
Ipsec error message : Sep 17 19:07:56 racoon: [xxx]: [yyy.yyy.yyy.yyy] ERROR: phase1 negotiation failed.Edit 3 : no crash since I disabled badly configured tunnel … will keep you informed and check with V2 Release this week.
So a badly configured tunnel seems to kill racoon ... Will this help ?
-
You might also want to open a ticket with the ipsec-tools developers:
http://sourceforge.net/projects/ipsec-tools/ -
So a badly configured tunnel seems to kill racoon … Will this help ?
What was badly configured? I have noticed that all that had the problem are showing core dumps. Could be bad memory or bad memory management by raccoon. Are there any other packages being used?
-
Hi,
when I said "badly" it was just a way to say that one side was using an ID and not the other side.
Anyway I disabled all the "misconfigured" tunnels but I still get the same problem, even with version 2.0 Release.
Racoon stops once or twice a day. Fortunately some kind of cron restarts it from time to time but looks like a bug.
Where can I find the core dump and who will be interested in debugging it ? -
The problem remains the same : once or twice a day racoon crashes. Fortunately some king of script restarts it after a while. Is the a way to stop this ?
-
@theblast: Can you post your script restart ?
thank you!
-
Hi,
no because I don't know which script it is ! I just wanted to point out that a script does the job. -
Are you running snort or any other packages? What type of hardware do you have? Single/Multiple Core CPU and how much memory?
-
Hi,
Only VPN Client export package is installed.
The hardware :- abit motherboard (2011) / Core I3 intel processor
- Ram 2 Go
- Network : Lan is intel PCI Express Gigabit adapter, others are DLINK DFE 530 Tx 100 mb
-
Except for the DLink, it sounds ideal. Have you run memtest on the machine to make sure memory is good?
-
Except for the DLink, it sounds ideal. Have you run memtest on the machine to make sure memory is good?
Hi Podilarius,
- maybe the d-link is not an ideal choice - I agree
- No, I did not check the memory, nor the hard drive. It really sounds like a bug to me but I'll do the test one of those days.