Comments | mr_z: PSA: VPNC fix for Cisco users

mr_z

PSA: VPNC fix for Cisco users

May 15, 2011 15:47

My VPNC connection has driven me nuts for a very long time. Sometimes it stays up for a couple days, sometimes it drops within minutes. I could never figure it out. I even built my own copy and started running it in GDB to see if I could find and fix the problem. There was something going on with Dead Peer Detection (DPD), but I didn't know ( Read more... )

psa, things that suck

Comments 2

chrispee42 May 16 2011, 01:56:56 UTC

Wow, grats on figuring that out.

mr_z May 16 2011, 04:23:52 UTC

Well, congrats go more to the VPNC developers that figured it out. I only got it narrowed down as far as DPD issues. I'm not sure I would have figured out the specific issue for awhile.

But, at least I got it solved, it appears. :-)

[Edit]: I actually was barking up a different tree: The RFC says that each new DPD message needs a new sequence number, but VPNC re-sends the same sequence number if it doesn't get an ACK back. I'm still not certain that that's the right behavior, but it's hard to say that it's wrong. In any case, the gross misbehavior is fixed. If it still keeps dropping, I'll follow up on that next bit of possible misbehavior.