LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 03-24-2010, 04:04 AM   #1
rks752
LQ Newbie
 
Registered: Mar 2010
Location: Gothenburg, Sweden
Distribution: OpenSUSE
Posts: 2

Rep: Reputation: 0
OpenSwan U2.6.24 on 2.6.27.7-9-pae (32-bit) slow at establishing connection


Dear board

I am at loss as to what is causing a very unhealthy(?) ~6s time to establish a connection.

Server:
Linux Openswan U2.6.24/K2.6.31.12-ipsec-rks-march-3 (netkey)
Connection: 100Mbit

Client (Road Warrior):
Linux Openswan U2.6.24/K2.6.27.7-9-pae (netkey)
Connection: 3G 7,2Mbit

Verification: rsasig
Type: tunnel

The scenario is this, the Road Warrior has two-three Internet connections and the default route changes every now and then, each time must ipsec be restarted (or not?) and then the connection be brought up again.

# time /etc/init.d/ipsec restart
...
real 0m3.605s
user 0m0.840s
sys 0m0.620s

# time ipsec auto --up road-gw
...
real 0m3.775s
user 0m0.064s
sys 0m0.044s
(Available memory on the machine is sufficient, 591MB and CPU usage is non-existing before and after initiation.)

These are my configuration-files:

Client:
-----------
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
nat_traversal=yes
klipsdebug=none
plutodebug=none
virtual_private=%v4:192.168.2.0/24,%v4:9.9.0.0/24
oe=off
protostack=netkey

conn %default
left=%defaultroute
leftrsasigkey=%cert
rightrsasigkey=%cert
authby=rsasig

conn road-gw
type=tunnel
left=%defaultroute
leftid=@x
leftrsasigkey=0s...hdU2gN
right=xxx.yyy.xxx
rightsubnet=9.9.0.0/24
rightid=@momento
rightrsasigkey=0sA...WNBH43UmXFDv//
auto=add


Server:
--------------
version 2.0 # conforms to second version of ipsec.conf specification
config setup
nat_traversal=yes
klipsdebug=none
plutodebug=none
virtual_private=%v4:9.9.0.0/24
oe=off
protostack=netkey

conn %default
left=xxx.yyy.xxx
leftrsasigkey=%cert
rightrsasigkey=%cert
authby=rsasig

conn road-gw
type=tunnel
left=xxx.yyy.xxx
leftid=@momento
leftsubnet=9.9.0.0/24
leftrsasigkey=0sA...mXFDv//
right=%any
rightid=@x
rightrsasigkey=0sAQOS...hdU2gN
auto=add
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Ubuntu 32-bit, 32-bit PAE, 64-bit Benchmarks LXer Syndicated Linux News 0 12-30-2009 12:00 PM
Remote Desktop Connection hangs on 'Establishing connection...' madala Linux - Networking 1 06-27-2008 04:04 PM
Establishing Internet Connection TtWEAK Linux - Networking 1 09-21-2005 04:15 AM
Establishing an Internet Connection anders_ant Linux - Networking 3 07-27-2004 01:37 PM
establishing a internet connection iguarin Linux - Newbie 1 05-20-2003 07:35 PM


All times are GMT -5. The time now is 07:21 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration