Test ikev2/dpd-trap

Description

The roadwarrior carol sets up an IPsec tunnel connection to the gateway moon which in turn activates Dead Peer Detection (DPD) with a polling interval of 10 s. When the network connectivity between carol and moon is forcefully disrupted, moon clears the connection after a number of unsuccessful retransmits. The roadwarrior carol sets up an IPsec tunnel connection to the gateway moon. Both end points activate Dead Peer Detection (DPD) with a polling interval of 10 s. When the network connectivity between carol and moon is forcefully disrupted for a duration of 10 s, moon clears the connection after 2 unsuccessful retransmits whereas carol also takes down the connection but installs a route which triggers when carol sends a ping to client alice behind gateway moon.

console.log

moon

swanctl.conf
swanctl --list-conns
swanctl --list-certs
strongswan.conf
ipsec.sql

swanctl --list-sas|--list-pols
swanctl --list-pools
swanctl --list-authorities
swanctl --stats|--list-algs
auth.log
daemon.log

ip -s xfrm policy
ip -s xfrm state
ip route list table 220
iptables -L
iptables-save

carol

swanctl.conf
swanctl --list-conns
swanctl --list-certs
strongswan.conf
ipsec.sql

swanctl --list-sas|--list-pols
swanctl --list-pools
swanctl --list-authorities
swanctl --stats|--list-algs
auth.log
daemon.log

ip -s xfrm policy
ip -s xfrm state
ip route list table 220
iptables -L
iptables-save