Connections over opportunistic IPsec drop few minutes after restart
Issue
Some connections over opportunistic IPsec
tunnels stop passing traffic few minutes after the ipsec.service
was restarted. The IPsec
connections still appear established successfully.
This issue is being hit often after a cluster-wide restart of ipsec.service
, e.g. after an upgrade of libreswan
.
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 8
- OpenShift Container Platform
libreswan
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.