neutron

Bug #1781354
Comment #2

Comment 2 for bug 1781354

Revision history for this message

Hunt Xu (huntxu) wrote on 2018-07-12:

What's your version information，I don't observe the same thing with libreswan-3.20 on CentOS 7.4.

---
[root@hosts ~]# ip netns exec qrouter-bd205844-be7f-474b-842f-c4333a238386 neutron-vpn-netns-wrapper --mount_paths=/etc:/opt/stack/data/neutron/ipsec/bd205844-be7f-474b-842f-c4333a238386/etc,/var/run:/opt/stack/data/neutron/ipsec/bd205844-be7f-474b-842f-c4333a238386/var/run --cmd=ipsec,whack,--status|grep establ
000 #12: "d8608ad2-61be-43c4-8b70-03aba58018bc/0x1":500 STATE_PARENT_R2 (received v2I2, PARENT SA established); EVENT_SA_REPLACE in 339s; idle; import:respond to stranger
000 #13: "d8608ad2-61be-43c4-8b70-03aba58018bc/0x1":500 STATE_V2_IPSEC_R (IPsec SA established); EVENT_SA_REPLACE in 339s; isakmp#12; idle; import:respond to stranger
000 #14: "d8608ad2-61be-43c4-8b70-03aba58018bc/0x1":500 STATE_PARENT_R2 (received v2I2, PARENT SA established); EVENT_SA_REPLACE in 2905s; newest ISAKMP; idle; import:respond to stranger
000 #15: "d8608ad2-61be-43c4-8b70-03aba58018bc/0x1":500 STATE_V2_IPSEC_R (IPsec SA established); EVENT_SA_REPLACE in 2905s; newest IPSEC; eroute owner; isakmp#14; idle; import:respond to stranger
---

Both "PARENT SA established" and "IPsec SA established" can be matched.