Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Racoon restarts when other interfaces come up or down

    Scheduled Pinned Locked Moved IPsec
    2 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      ttblum
      last edited by

      Hello,

      It looks like when an interface comes up or down that the racoon daemon automatically restarts.  Here is a log from a CARP master while rebooting a slave router connected by crossover cable (read bottom to top):

      Apr 6 08:28:12  php: : Forcefully reloading IPsec racoon daemon
      Apr 6 08:28:07  apinger: Starting Alarm Pinger, apinger(23952)
      Apr 6 08:28:06  check_reload_status: Reloading filter
      Apr 6 08:28:04  dnsmasq[19967]: ignoring nameserver 127.0.0.1 - local interface
      Apr 6 08:28:04  dnsmasq[19967]: ignoring nameserver 127.0.0.1 - local interface
      Apr 6 08:28:04  dnsmasq[19967]: using nameserver 208.67.222.222#53
      Apr 6 08:28:04  dnsmasq[19967]: using nameserver 208.67.220.220#53
      Apr 6 08:28:04  dnsmasq[19967]: reading /etc/resolv.conf
      Apr 6 08:28:02  apinger: Exiting on signal 15.
      Apr 6 08:28:02  php: : rc.newwanip: on (IP address: 172.21.15.1) (interface: opt1) (real interface: vr2).
      Apr 6 08:28:02  php: : rc.newwanip: Informational is starting vr2.
      Apr 6 08:28:01  kernel: arp: 192.168.xxx.x moved from 00:11:43:eb:d9:0f to 00:11:43:eb:d8:b2 on vr0
      Apr 6 08:28:01  kernel: arp: 192.168.xxx.x moved from 00:11:43:eb:d8:b2 to 00:11:43:eb:d9:0f on vr0
      Apr 6 08:27:54  check_reload_status: rc.newwanip starting vr2
      Apr 6 08:27:54  php: : Hotplug event detected for opt1 but ignoring since interface is configured with static IP (172.xx.xx.x)
      Apr 6 08:27:53  php: : Hotplug event detected for opt1 but ignoring since interface is configured with static IP (172.xx.xx.x)
      Apr 6 08:27:43  check_reload_status: Linkup starting vr2
      Apr 6 08:27:43  kernel: vr2: link state changed to UP
      Apr 6 08:27:43  snmpd[43690]: send: Connection refused
      Apr 6 08:27:41  check_reload_status: Linkup starting vr2
      Apr 6 08:27:40  kernel: vr2: link state changed to DOWN

      Here is a log from reestablishing a PPPoE session on a dual WAN setup:

      May 17 10:47:57 dnsmasq[55826]: using nameserver 208.67.220.220#53
      May 17 10:47:57 dnsmasq[55826]: using nameserver 208.67.222.222#53
      May 17 10:47:57 dnsmasq[55826]: ignoring nameserver 127.0.0.1 - local interface
      May 17 10:47:57 dnsmasq[55826]: ignoring nameserver 127.0.0.1 - local interface
      May 17 10:47:57 php: : Gateways status could not be determined, considering all as up/active.
      May 17 10:48:00 php: : Forcefully reloading IPsec racoon daemon
      May 17 10:48:01 php: : Resyncing OpenVPN instances for interface WAN2.
      May 17 10:49:39 dnsmasq[55826]: read /etc/hosts - 12 addresses

      Wouldn't this affect traffic going over IPSec tunnels on different interfaces?

      Thanks,

      Todd

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        Reloading (updating its config, as must be done since IPs, etc. can change) is different from restarting (wiping out the SAD, SPD), so no.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.