[vpp-dev] Threading issue in IKEv2 implementation

Fri, 13 Jul 2018 01:09:14 -0700 

Hi,

I am evaluating the robustness of IKEv2 implementation in VPP. I try to 
simultaneously establish a large number of SA between a VPP initiator and a VPP 
responder, and it turns out that a thread error occurs on the responder before 
I can reach a few hundred established SA. This issue occurs only when 
interactive mode is disabled.

The error I obtain is the following:

vlib_worker_thread_barrier_sync_int: worker thread deadlock

The configuration for the initiator is the following:
set ikev2 local key ./Gateway-1.local.key.pem
ikev2 profile add pr1
ikev2 profile set pr1 auth rsa-sig cert-file  ./Client-1.local.pem
ikev2 profile set pr1 id local  fqdn Gateway-1.local
ikev2 profile set pr1 id remote fqdn Client-1.local
ikev2 profile set pr1 traffic-selector local ip-range 10.1.1.0 - 10.1.1.255 
port-range 0 - 65535 protocol 0
ikev2 profile set pr1 traffic-selector remote ip-range 10.1.2.0 - 10.1.2.255 
port-range 0 - 65535 protocol 0
ikev2 profile set pr1 responder TenGigabitEthernet5/0/0 192.168.101.2
ikev2 profile set pr1 ike-crypto-alg aes-cbc 256  ike-integ-alg sha1-96 ike-dh 
modp-3072
ikev2 profile set pr1 esp-crypto-alg aes-cbc 256  esp-integ-alg sha1-96  esp-dh 
ecp-256
ikev2 profile set pr1 sa-lifetime 3600 10 5 0

ikev2 initiate sa-init pr1The configuration for the responder is the following:

set ikev2 local key  ./Client-1.local.key.pem

ikev2 profile add pr1

ikev2 profile set pr1 auth rsa-sig cert-file  ./Gateway-1.local.pem

ikev2 profile set pr1 id remote  fqdn Gateway-1.local

ikev2 profile set pr1 id local fqdn Client-1.local

ikev2 profile set pr1 traffic-selector remote ip-range 10.1.1.0 - 10.1.1.255 
port-range 0 - 65535 protocol 0

ikev2 profile set pr1 traffic-selector local ip-range 10.1.2.0 - 10.1.2.255 
port-range 0 - 65535 protocol 0Is there a way to solve this issue?

Thanks,

Berenger


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#9834): https://lists.fd.io/g/vpp-dev/message/9834
Mute This Topic: https://lists.fd.io/mt/23377822/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to