Bug 402121

Summary: connection terminated by dead peer detection
Product: [Fedora] Fedora Reporter: Matthew Saltzman <mjs>
Component: vpncAssignee: Tomas Mraz <tmraz>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: low    
Version: 8CC: wtogami
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-11-28 10:29:49 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Matthew Saltzman 2007-11-28 03:37:05 UTC 
Description of problem:
vpnc connection terminates after a few idle minutes with the above error in
/var/log/messages.

Version-Release number of selected component (if applicable):
vpnc-0.5.1-2.fc8

How reproducible:
Always

Steps to Reproduce:
1. Use vpnc to establish VPN connection.
2. Wait.
3.
  
Actual results:
Connection drops with error "connection terminated by dead peer detection" in
/var/log/messages.

Expected results:
Connection maintained until one side or the other really disconnects.

Additional info:
New in F8 (since at least Test 2, but I didn't have a chance to isolate the
problem until now).

Found this related discussion at the Ubuntu site:
https://bugs.launchpad.net/ubuntu/+source/vpnc/+bug/93413.
Comment 1 Tomas Mraz 2007-11-28 10:29:49 UTC 
Unfortunately this is a limitation of the DPD support in vpnc - on some
connections with higher packet loss it is worse than not using it at all.

You can add this line to your /etc/vpnc/default.conf to switch it off:

DPD idle timeout (our side) 0


*** This bug has been marked as a duplicate of 345281 ***
Comment 2 Matthew Saltzman 2007-11-28 15:52:32 UTC 
(In reply to comment #1)
> Unfortunately this is a limitation of the DPD support in vpnc - on some
> connections with higher packet loss it is worse than not using it at all.

This is not a particularly unreliable connection.

> 
> You can add this line to your /etc/vpnc/default.conf to switch it off:
> 
> DPD idle timeout (our side) 0

I suppose I need to file a RFE against NetworkManager-vpnc to get it to offer
this as an option.

> 
> 
> *** This bug has been marked as a duplicate of 345281 ***