[AusNOG] IPSEC time skew renegotiate?
Geordie Guy
elomis at gmail.com
Mon Jan 6 21:28:39 EST 2014
It's always negative. Is that a thing? May need to read up more...
On 06/01/2014 8:17 PM, "Jake Anderson" <yahoo at vapourforge.com> wrote:
> Is the time adjustment perhaps negative and its causing something to
> flip out thinking its waited longer than the life of the universe for the
> next key?
>
> On 06/01/14 14:09, Geordie Guy wrote:
>
> G'day NOGgers,
>
> We have an IPSEC peer that keeps dropping the tunnel and renegotiating.
> The only events in the logs on their side that look like they could be
> related are a fairly constant NTP update which is causing their Netscreen
> to adjust by between 3 and 13 milliseconds every ten minutes. Would this
> cause the tunnel to renegotiate when the clock changed? It seems to happen
> on the half hour every half hour, or every three NTP updates.
>
> - Geordie
>
>
> _______________________________________________
> AusNOG mailing listAusNOG at lists.ausnog.nethttp://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140106/28331cc6/attachment.html>
More information about the AusNOG
mailing list