IPSec Log von DPD zugemüllt



  • Servus,
    die DPD müllt mir alle 10 Sekunden mein Log  voll. Ich bekomme das Ding nicht still, obwohl ich schon dieverse Loggings für IPSec auf silent gestellt habe.

    Hat jemand nen Tipp?

    Danke & Gruß


  • LAYER 8 Moderator

    Mit was müllt er denn zu? Wenn er sich beklagt, muss ja was sein ;) Oder du schaltest die dead peer detection eben aus?



  • Servus,

    er generiert für jedes Paket einen Eintrag:

    Dec 6 15:38:24 	charon 		13[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes)
    Dec 6 15:38:24 	charon 		14[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes)
    Dec 6 15:38:24 	charon 		14[ENC] <con1000|94>generating INFORMATIONAL_V1 request 242892170 [ HASH N(DPD) ]
    Dec 6 15:38:14 	charon 		14[ENC] <con1000|94>parsed INFORMATIONAL_V1 response 2928702696 [ HASH N(DPD_ACK) ]
    Dec 6 15:38:14 	charon 		14[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes)
    Dec 6 15:38:14 	charon 		14[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes)
    Dec 6 15:38:14 	charon 		14[ENC] <con1000|94>generating INFORMATIONAL_V1 request 2928702696 [ HASH N(DPD) ]
    Dec 6 15:38:04 	charon 		14[ENC] <con1000|94>parsed INFORMATIONAL_V1 response 1386444856 [ HASH N(DPD_ACK) ]
    Dec 6 15:38:04 	charon 		14[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes)
    Dec 6 15:38:04 	charon 		16[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes)
    Dec 6 15:38:04 	charon 		16[ENC] <con1000|94>generating INFORMATIONAL_V1 request 1386444856 [ HASH N(DPD) ]
    Dec 6 15:37:54 	charon 		14[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes)
    Dec 6 15:37:54 	charon 		14[ENC] <con1000|94>generating INFORMATIONAL_V1 request 1132148078 [ HASH N(DPD_ACK) ]
    Dec 6 15:37:54 	charon 		14[ENC] <con1000|94>parsed INFORMATIONAL_V1 request 628699583 [ HASH N(DPD) ]
    Dec 6 15:37:54 	charon 		14[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes)
    Dec 6 15:37:46 	charon 		14[ENC] <con1000|94>parsed INFORMATIONAL_V1 response 1284116573 [ HASH N(DPD_ACK) ]
    Dec 6 15:37:46 	charon 		14[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes)
    Dec 6 15:37:46 	charon 		14[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes)
    Dec 6 15:37:46 	charon 		14[ENC] <con1000|94>generating INFORMATIONAL_V1 request 1284116573 [ HASH N(DPD) ]
    Dec 6 15:37:36 	charon 		14[ENC] <con1000|94>parsed INFORMATIONAL_V1 response 1485724447 [ HASH N(DPD_ACK) ]
    Dec 6 15:37:36 	charon 		14[NET] <con1000|94>received packet: from 192.168.0.1[54256] to 10.10.10.1[4500] (84 bytes)
    Dec 6 15:37:36 	charon 		14[NET] <con1000|94>sending packet: from 10.10.10.1[4500] to 192.168.0.1[54256] (92 bytes)</con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94></con1000|94> 
    

    Ausschalten geht natürlich nicht. Ich muss den Tunnel offen halten.



  • So, jetzt ist Ruhe. Habe zwei Faktoren erneut auf silent gesetzt. Hoffentlich fehlt mir jetzt nix Wichtiges im Log  ::)


Log in to reply