OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: QBANIN on March 22, 2021, 07:13:19 pm

Title: Strongswan queue overflow
Post by: QBANIN on March 22, 2021, 07:13:19 pm: Hi,

Since a year or so I'm getting following hardware-independent error message that leads to non-responding GUI (ssh works) and all/most of my 17 Ipsec tunnel being disconnected.

netstat -Lan shows that 0xxxxxxxxx that it's always charon's queue overflowed.

Code: [Select]
sonewconn: pcb 0xfffff80005b98300: Listen queue overflow: 5 already in queue awaiting acceptance (6 occurrences)
Code: [Select]
unix 5/0/3 /var/run/charon.vici
I think that the root of this issue is my easy-to-saturate LTE WAN connection that may lead to ipsec connection stall, but I'm not sure.

TL;DR Is there an option to increase charon's waiting connection queue from 3 to some higher value?

setting
Code: [Select]
sysctl kern.ipc.somaxconn=4096 doesn't help

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy