
Openswan + xl2tpd connection times out after some time

Server Fault user
Asked 2013-07-19 07:58:22
Answers: 1, Views: 13.8K, Followers: 0, Votes: 1

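I have a non-local Openswan + xl2tpd server (Ubuntu 12.04) that a Windows 8 client behind NAT connects to. The client loses the connection after some time of not doing anything (somewhere between 30 and 60 minutes, but I have not timed it).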

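The client does not have the option enabled that kills inactive connections, nor does it go into sleep mode. I also tried setting it to kill them after 24 hours, but that did not help.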

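The NAT router the client sits behind is Debian Linux, and its router is a Cisco that connects us directly to the data center where the server is. Our other connections, such as SSH, never drop because of inactivity (because of cheap routers). Still, I tried turning on keepalives in /etc/ipsec.conf: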

config setup
    (...snip...)
    nat_traversal=yes
    force_keepalive=yes
    keep_alive=10

But that did not help.

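As you can see in the configuration further down, the Dead Peer Detection action is clear. Changing that would be the first suggested fix, but I need clear, because people will be connecting from everything but the kitchen sink. Besides, as I said, in my current test setup I don't see any device breaking the connection. (Edit: "restart" has the same effect as well.)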

This is what happened on one occasion:

Jul 18 16:18:06 host xl2tpd[1918]: Maximum retries exceeded for tunnel 49070.  Closing.
Jul 18 16:18:06 host xl2tpd[1918]: Terminating pppd: sending TERM signal to pid 18359
Jul 18 16:18:06 host xl2tpd[1918]: Connection 4 closed to 89.188.x.y, port 1701 (Timeout)
Jul 18 16:18:11 host xl2tpd[1918]: Unable to deliver closing message for tunnel 49070. Destroying anyway.

And these on another:

Jul 18 17:44:39 host xl2tpd[1918]: udp_xmit failed to 89.188.x.y:1701 with err=-1:Operation not permitted
Jul 18 17:44:43  xl2tpd[1918]: last message repeated 4 times
Jul 18 17:44:43 host xl2tpd[1918]: Maximum retries exceeded for tunnel 10918.  Closing. 
Jul 18 17:44:43 host xl2tpd[1918]: udp_xmit failed to 89.188.x.y:1701 with err=-1:Operation not permitted
Jul 18 17:44:43 host xl2tpd[1918]: Terminating pppd: sending TERM signal to pid 26338
Jul 18 17:44:43 host xl2tpd[1918]: Connection 6 closed to 89.188.x.y, port 1701 (Timeout)
Jul 18 17:44:44 host xl2tpd[1918]: udp_xmit failed to 89.188.x.y:1701 with err=-1:Operation not permitted
Jul 18 17:44:48  xl2tpd[1918]: last message repeated 3 times
Jul 18 17:44:48 host xl2tpd[1918]: Unable to deliver closing message for tunnel 10918. Destroying anyway.
Jul 18 17:44:59 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0)
Jul 18 17:44:59 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet.  call = 0, tunnel = 10918 Dumping. 
Jul 18 17:45:09 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0)
Jul 18 17:45:09 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet.  call = 0, tunnel = 10918 Dumping. 
Jul 18 17:45:19 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0)
Jul 18 17:45:19 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet.  call = 0, tunnel = 10918 Dumping. 
Jul 18 17:45:29 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0)
Jul 18 17:45:29 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet.  call = 0, tunnel = 10918 Dumping. 
Jul 18 17:45:39 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0)
Jul 18 17:45:39 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet.  call = 0, tunnel = 10918 Dumping. 
Jul 18 17:45:49 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0)
Jul 18 17:45:49 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet.  call = 0, tunnel = 10918 Dumping.

Versions:

  • Ubuntu 12.04
  • Openswan: 2.6.37-1
  • xl2tpd: 3.1+dfsg-1
  • Kernel: 3.2.049-generic

Configs:

/etc/ipsec.conf:

version    2.0    # conforms to second version of ipsec.conf specification

config setup
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.152.2.0/24
    oe=off
    protostack=netkey
    force_keepalive=yes
    keep_alive=10

conn L2TP-PSK-NAT
    rightsubnet=vhost:%priv
    also=L2TP-PSK-noNAT

conn L2TP-PSK-noNAT
    authby=secret
    pfs=no
    auto=add
    keyingtries=2
    rekey=no
    dpddelay=30
    dpdtimeout=120
    dpdaction=clear
    ikelifetime=8h
    keylife=1h
    type=transport
    left=%defaultroute
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any

/etc/xl2tpd/xl2tpd.conf

[global]
ipsec saref = no

[lns default]
ip range = 10.152.2.2-10.152.2.254
local ip = 10.152.2.1
refuse chap = yes
refuse pap = yes
require authentication = yes
ppp debug = no
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes

/etc/ppp/options.xl2tpd:

require-mschap-v2
refuse-mschap
ms-dns 10.152.2.1
asyncmap 0
auth
crtscts
idle 1800
mtu 1200
mru 1200
lock
hide-password
local
#debug
name l2tpd
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4

1 Answer

Server Fault user

Answered 2016-12-14 22:32:11

In your /etc/ppp/options.xl2tpd file you have "idle 1800", which is 30 minutes.

You could try setting that to a higher value, or do something nasty like:

while true; do echo "c default" 1>/var/run/xl2tpd/l2tp-control; sleep 1500; done
Votes: 1
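
An added example (not part of the original answer, and not Openswan or xl2tpd code): a Python sketch that collects the time-based limits from the pppd options and ipsec.conf quoted in the question and lists the ones that fall in the 30 to 60 minute window the asker reports. The function names and the embedded sample strings are constructed for illustration; a match is a candidate to check, not a diagnosis.

```python
import re

# Constructed sample input: timer-related lines copied from the configs in the question.
PPP_OPTIONS = "idle 1800\nmtu 1200\nlcp-echo-interval 30\nlcp-echo-failure 4\n#debug\n"
IPSEC_CONF = ("conn L2TP-PSK-noNAT\n    rekey=no\n    dpddelay=30\n    dpdtimeout=120\n"
              "    ikelifetime=8h\n    keylife=1h\n")

UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400}
IPSEC_TIME_KEYS = ("dpddelay", "dpdtimeout", "ikelifetime", "keylife")

def to_seconds(value):
    """Convert a time value such as '1800', '30m' or '8h' to seconds."""
    m = re.fullmatch(r"(\d+)([smhd]?)", value.strip())
    if not m:
        raise ValueError(f"unrecognised time value: {value!r}")
    return int(m.group(1)) * UNITS[m.group(2)]

def ppp_timers(text):
    """Return the time-based limits set in a pppd options file, in seconds."""
    opts = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) == 2 and parts[1].isdigit():
            opts[parts[0]] = int(parts[1])
    timers = {}
    if "idle" in opts:  # pppd disconnects after this long without data packets
        timers["pppd idle"] = opts["idle"]
    if "lcp-echo-interval" in opts and "lcp-echo-failure" in opts:
        # peer is presumed dead after this many unanswered echo-requests
        timers["pppd lcp-echo"] = opts["lcp-echo-interval"] * opts["lcp-echo-failure"]
    return timers

def ipsec_timers(text):
    """Return the time-valued key=value settings of an ipsec.conf, in seconds."""
    timers = {}
    for line in text.splitlines():
        key, sep, value = line.split("#", 1)[0].strip().partition("=")
        if sep and key in IPSEC_TIME_KEYS:
            timers[f"ipsec {key}"] = to_seconds(value)
    return timers

def limits_in_window(timers, low, high):
    """Names of timers whose value lies in [low, high] seconds, shortest first."""
    hits = [(secs, name) for name, secs in timers.items() if low <= secs <= high]
    return [name for secs, name in sorted(hits)]

if __name__ == "__main__":
    timers = {**ppp_timers(PPP_OPTIONS), **ipsec_timers(IPSEC_CONF)}
    for name in limits_in_window(timers, 30 * 60, 60 * 60):
        print(f"{name}: {timers[name]} s")
```
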
Original page content provided by Server Fault.
Original link:

https://serverfault.com/questions/524656