OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 21.1 Legacy Series »
  • Strongswan queue overflow
« previous next »
  • Print
Pages: [1]

Author Topic: Strongswan queue overflow  (Read 1164 times)

QBANIN

  • Newbie
  • *
  • Posts: 29
  • Karma: 0
    • View Profile
Strongswan queue overflow
« on: March 22, 2021, 07:13:19 pm »
Hi,

Since a year or so I'm getting following hardware-independent error message that leads to non-responding GUI (ssh works) and all/most of my 17 Ipsec tunnel being disconnected.

netstat -Lan shows that 0xxxxxxxxx that it's always charon's queue overflowed.

Code: [Select]
sonewconn: pcb 0xfffff80005b98300: Listen queue overflow: 5 already in queue awaiting acceptance (6 occurrences)
Code: [Select]
unix  5/0/3                            /var/run/charon.vici
I think that the root of this issue is my easy-to-saturate LTE WAN connection that may lead to ipsec connection stall, but I'm not sure.

TL;DR Is there an option to increase charon's waiting connection queue from 3 to some higher value?

setting
Code: [Select]
sysctl kern.ipc.somaxconn=4096 doesn't help
« Last Edit: March 23, 2021, 12:50:57 pm by QBANIN »
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 21.1 Legacy Series »
  • Strongswan queue overflow
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2