pfSense 2.3 – IPSEC + OpenBGPD Dropouts

A while ago I upgraded one of my pfSense servers to 2.3. After I left it running for a while I noticed all of my IPSEC tunnels dropped out and never re-established – restarting the IPSEC service didn’t fix it and the only way I could fix it was rebooting the server. After doing some Googling and making a couple of forum posts it seems like the issue happens when you have IPSEC and the OpenBGPD package installed.

I made a post on the forum a while back about this but never got it resolved. I then found a newer post on the forum which ended up with me reporting it as a bug (#6223).

I gave Chris Buechler access to the server to take a look at what has gone wrong and he added the following settings in the System -> Advanced -> System Tuneables page:

net.raw.recvspace = 65535
net.raw.sendspace = 65535
net.inet.raw.maxdgram = 131072
net.inet.raw.recvspace = 131072

After those settings were set, I rebooted the server and IPSEC has been stable ever since. If you have the same issue, give this a go, it will hopefully fix it for you as well. If that doesn’t fix it for you, see this forum post for additional suggestions.

 

Posted in Networking.

Leave a Reply

Your email address will not be published.