On 13/06/2018 17:22, Christos Zoulas wrote:
On Jun 13, 11:23am, frchuckz%gmail.com@localhost (Chuck Zmudzinski) wrote: -- Subject: Re: Testing racoon Thanks for all the feedback and testing! | The problem was fixed by a reboot of the whole system, and then racoon | started normally again. There might be still an issue with buffer space in current, but we explicitly bumped the limits for syslogd and kernel sockets. I am not sure what went on here and the ipsec related socket buffers got full.
Looking through our sources for racoon (and assuming racoon2 behaves similar here), racoon will always set it's own view on how big the receive buffer should be. See pfkey_set_buffer_size().
So the default socket buffer sizes are not guilty here. I suspect the error Chuck is seeing was fixed last week by this commit: https://mail-index.netbsd.org/source-changes/2018/06/06/msg095775.html Roy