IPSec Log von DPD zugemüllt
-
Servus,
die DPD müllt mir alle 10 Sekunden mein Log voll. Ich bekomme das Ding nicht still, obwohl ich schon dieverse Loggings für IPSec auf silent gestellt habe.Hat jemand nen Tipp?
Danke & Gruß
-
Mit was müllt er denn zu? Wenn er sich beklagt, muss ja was sein ;) Oder du schaltest die dead peer detection eben aus?
-
Servus,
er generiert für jedes Paket einen Eintrag:
Dec 6 15:38:24 charon 13[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes) Dec 6 15:38:24 charon 14[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes) Dec 6 15:38:24 charon 14[ENC] <con1000|94>generating INFORMATIONAL_V1 request 242892170 [ HASH N(DPD) ] Dec 6 15:38:14 charon 14[ENC] <con1000|94>parsed INFORMATIONAL_V1 response 2928702696 [ HASH N(DPD_ACK) ] Dec 6 15:38:14 charon 14[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes) Dec 6 15:38:14 charon 14[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes) Dec 6 15:38:14 charon 14[ENC] <con1000|94>generating INFORMATIONAL_V1 request 2928702696 [ HASH N(DPD) ] Dec 6 15:38:04 charon 14[ENC] <con1000|94>parsed INFORMATIONAL_V1 response 1386444856 [ HASH N(DPD_ACK) ] Dec 6 15:38:04 charon 14[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes) Dec 6 15:38:04 charon 16[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes) Dec 6 15:38:04 charon 16[ENC] <con1000|94>generating INFORMATIONAL_V1 request 1386444856 [ HASH N(DPD) ] Dec 6 15:37:54 charon 14[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes) Dec 6 15:37:54 charon 14[ENC] <con1000|94>generating INFORMATIONAL_V1 request 1132148078 [ HASH N(DPD_ACK) ] Dec 6 15:37:54 charon 14[ENC] <con1000|94>parsed INFORMATIONAL_V1 request 628699583 [ HASH N(DPD) ] Dec 6 15:37:54 charon 14[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes) Dec 6 15:37:46 charon 14[ENC] <con1000|94>parsed INFORMATIONAL_V1 response 1284116573 [ HASH N(DPD_ACK) ] Dec 6 15:37:46 charon 14[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes) Dec 6 15:37:46 charon 14[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes) Dec 6 15:37:46 charon 14[ENC] <con1000|94>generating INFORMATIONAL_V1 request 1284116573 [ HASH N(DPD) ] Dec 6 15:37:36 charon 14[ENC] <con1000|94>parsed INFORMATIONAL_V1 response 1485724447 [ HASH N(DPD_ACK) ] Dec 6 15:37:36 charon 14[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes) Dec 6 15:37:36 charon 14[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes)</con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94>
Ausschalten geht natürlich nicht. Ich muss den Tunnel offen halten.
-
So, jetzt ist Ruhe. Habe zwei Faktoren erneut auf silent gesetzt. Hoffentlich fehlt mir jetzt nix Wichtiges im Log ::)