1.53.1. RHBA-2010:0645: bug fix update
The ipsec-tools package contains configuration and management tools for IPsec.
* when dumping the pfkey database the kernel used to return only part of the database due to the small socket buffer size. When racoon was deployed on a system with a large number of network security policy entries, the racoon could not find all of the security policy entries in the database. The updated package supports a new configuration option pfkey_buffer to the racoon.conf file that allows to set the buffer size as appropriate for the deployment requirements. ( BZ#609090
All users of IPsec Tools are advised to upgrade to this updated package, which resolves these issues.