[AusNOG] IPSEC time skew renegotiate?

Geordie Guy elomis at gmail.com
Mon Jan 6 14:09:09 EST 2014


G'day NOGgers,

We have an IPSEC peer that keeps dropping the tunnel and renegotiating. The
only events in the logs on their side that look like they could be related
are a fairly constant NTP update which is causing their Netscreen to adjust
by between 3 and 13 milliseconds every ten minutes.  Would this cause the
tunnel to renegotiate when the clock changed?  It seems to happen on the
half hour every half hour, or every three NTP updates.

- Geordie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140106/4a826c5b/attachment.html>


More information about the AusNOG mailing list