1 .SH LOGGER CONFIGURATION
2 The options described below provide a much more flexible way to configure
3 loggers for the IKEv2 daemon charon than using the
9 that if any loggers are specified in strongswan.conf,
11 does not have any effect.
13 There are currently two types of loggers defined:
16 Log directly to a file and are defined by specifying the full path to the
17 file as subsection in the
19 section. To log to the console the two special filenames
20 .BR stdout " and " stderr
24 Log into a syslog facility and are defined by specifying the facility to log to
25 as the name of a subsection in the
27 section. The following facilities are currently supported:
28 .BR daemon " and " auth .
30 Multiple loggers can be defined for each type with different log verbosity for
31 the different subsystems of the daemon.
34 .BR charon.filelog.<filename>.default " [1]"
36 .BR charon.syslog.<facility>.default
37 Specifies the default loglevel to be used for subsystems for which no specific
40 .BR charon.filelog.<filename>.<subsystem> " [<default>]"
42 .BR charon.syslog.<facility>.<subsystem>
43 Specifies the loglevel for the given subsystem.
45 .BR charon.filelog.<filename>.append " [yes]"
46 If this option is enabled log entries are appended to the existing file.
48 .BR charon.filelog.<filename>.flush_line " [no]"
49 Enabling this option disables block buffering and enables line buffering.
51 .BR charon.filelog.<filename>.ike_name " [no]"
53 .BR charon.syslog.<facility>.ike_name
54 Prefix each log entry with the connection name and a unique numerical
55 identifier for each IKE_SA.
57 .BR charon.filelog.<filename>.time_format
58 Prefix each log entry with a timestamp. The option accepts a format string as
62 .BR charon.syslog.identifier
63 Global identifier used for an
65 call, prepended to each log message by syslog. If not configured,
67 is not called, so the value will depend on system defaults (often the program
73 Main daemon setup/cleanup/signal handling
76 IKE_SA manager, handling synchronization for IKE_SA access
85 Jobs queueing/processing and thread pool management
88 Configuration management and plugins
91 IPsec/Networking kernel interface
94 IKE network communication
97 Low-level encoding/decoding (ASN.1, X.509 etc.)
100 Packet encoding/decoding encryption/decryption operations
103 libtls library messages
106 libipsec library messages
109 libstrongwan library messages
112 Trusted Network Connect
115 Integrity Measurement Collector
118 Integrity Measurement Verifier
121 Platform Trust Service
128 Very basic auditing logs, (e.g. SA up/SA down)
131 Generic control flow with errors, a good default to see whats going on
134 More detailed debugging control flow
137 Including RAW data dumps in Hex
140 Also include sensitive material in dumps, e.g. keys
146 /var/log/charon.log {
147 time_format = %b %e %T
158 # enable logging to LOG_DAEMON, use defaults
161 # minimalistic IKE auditing logging to LOG_AUTHPRIV
170 .SH JOB PRIORITY MANAGEMENT
171 Some operations in the IKEv2 daemon charon are currently implemented
172 synchronously and blocking. Two examples for such operations are communication
173 with a RADIUS server via EAP-RADIUS, or fetching CRL/OCSP information during
174 certificate chain verification. Under high load conditions, the thread pool may
175 run out of available threads, and some more important jobs, such as liveness
176 checking, may not get executed in time.
178 To prevent thread starvation in such situations job priorities were introduced.
179 The job processor will reserve some threads for higher priority jobs, these
180 threads are not available for lower priority, locking jobs.
182 Currently 4 priorities have been defined, and they are used in charon as
186 Priority for long-running dispatcher jobs.
189 INFORMATIONAL exchanges, as used by liveness checking (DPD).
192 Everything not HIGH/LOW, including IKE_SA_INIT processing.
195 IKE_AUTH message processing. RADIUS and CRL fetching block here
197 Although IKE_SA_INIT processing is computationally expensive, it is explicitly
198 assigned to the MEDIUM class. This allows charon to do the DH exchange while
199 other threads are blocked in IKE_AUTH. To prevent the daemon from accepting more
200 IKE_SA_INIT requests than it can handle, use IKE_SA_INIT DROPPING.
202 The thread pool processes jobs strictly by priority, meaning it will consume all
203 higher priority jobs before looking for ones with lower priority. Further, it
204 reserves threads for certain priorities. A priority class having reserved
206 threads will always have
208 threads available for this class (either currently processing a job, or waiting
211 To ensure that there are always enough threads available for higher priority
212 tasks, threads must be reserved for each priority class.
214 .BR charon.processor.priority_threads.critical " [0]"
215 Threads reserved for CRITICAL priority class jobs
217 .BR charon.processor.priority_threads.high " [0]"
218 Threads reserved for HIGH priority class jobs
220 .BR charon.processor.priority_threads.medium " [0]"
221 Threads reserved for MEDIUM priority class jobs
223 .BR charon.processor.priority_threads.low " [0]"
224 Threads reserved for LOW priority class jobs
226 Let's consider the following configuration:
239 With this configuration, one thread is reserved for HIGH priority tasks. As
240 currently only liveness checking and stroke message processing is done with
241 high priority, one or two threads should be sufficient.
243 The MEDIUM class mostly processes non-blocking jobs. Unless your setup is
244 experiencing many blocks in locks while accessing shared resources, threads for
245 one or two times the number of CPU cores is fine.
247 It is usually not required to reserve threads for CRITICAL jobs. Jobs in this
248 class rarely return and do not release their thread to the pool.
250 The remaining threads are available for LOW priority jobs. Reserving threads
251 does not make sense (until we have an even lower priority).
253 To see what the threads are actually doing, invoke
254 .IR "ipsec statusall" .
255 Under high load, something like this will show up:
258 worker threads: 2 or 32 idle, 5/1/2/22 working,
259 job queue: 0/0/1/149, scheduled: 198
262 From 32 worker threads,
266 are running CRITICAL priority jobs (dispatching from sockets, etc.).
268 is currently handling a HIGH priority job. This is actually the thread currently
269 providing this information via stroke.
271 are handling MEDIUM priority jobs, likely IKE_SA_INIT or CREATE_CHILD_SA
274 are handling LOW priority jobs, probably waiting for an EAP-RADIUS response
275 while processing IKE_AUTH messages.
277 The job queue load shows how many jobs are queued for each priority, ready for
278 execution. The single MEDIUM priority job will get executed immediately, as
279 we have two spare threads reserved for MEDIUM class jobs.
281 .SH IKE_SA_INIT DROPPING
282 If a responder receives more connection requests per seconds than it can handle,
283 it does not make sense to accept more IKE_SA_INIT messages. And if they are
284 queued but can't get processed in time, an answer might be sent after the
285 client has already given up and restarted its connection setup. This
286 additionally increases the load on the responder.
288 To limit the responder load resulting from new connection attempts, the daemon
289 can drop IKE_SA_INIT messages just after reception. There are two mechanisms to
290 decide if this should happen, configured with the following options:
292 .BR charon.init_limit_half_open " [0]"
293 Limit based on the number of half open IKE_SAs. Half open IKE_SAs are SAs in
294 connecting state, but not yet established.
296 .BR charon.init_limit_job_load " [0]"
297 Limit based on the number of jobs currently queued for processing (sum over all
300 The second limit includes load from other jobs, such as rekeying. Choosing a
301 good value is difficult and depends on the hardware and expected load.
303 The first limit is simpler to calculate, but includes the load from new
304 connections only. If your responder is capable of negotiating 100 tunnels/s, you
305 might set this limit to 1000. The daemon will then drop new connection attempts
306 if generating a response would require more than 10 seconds. If you are
307 allowing for a maximum response time of more than 30 seconds, consider adjusting
308 the timeout for connecting IKE_SAs
309 .RB ( charon.half_open_timeout ).
310 A responder, by default, deletes an IKE_SA if the initiator does not establish
311 it within 30 seconds. Under high load, a higher value might be required.
314 To do stability testing and performance optimizations, the IKEv2 daemon charon
315 provides the load-tester plugin. This plugin allows one to setup thousands of
316 tunnels concurrently against the daemon itself or a remote host.
319 Never enable the load-testing plugin on productive systems. It provides
320 preconfigured credentials and allows an attacker to authenticate as any user.
323 .BR charon.plugins.load-tester.addrs
324 Subsection that contains key/value pairs with address pools (in CIDR notation)
325 to use for a specific network interface e.g. eth0 = 10.10.0.0/16
327 .BR charon.plugins.load-tester.addrs_keep " [no]"
328 Whether to keep dynamic addresses even after the associated SA got terminated
330 .BR charon.plugins.load-tester.addrs_prefix " [16]"
331 Network prefix length to use when installing dynamic addresses. If set to -1 the
332 full address is used (i.e. 32 or 128)
334 .BR charon.plugins.load-tester.ca_dir
335 Directory to load (intermediate) CA certificates from
337 .BR charon.plugins.load-tester.child_rekey " [600]"
338 Seconds to start CHILD_SA rekeying after setup
340 .BR charon.plugins.load-tester.delay " [0]"
341 Delay between initiatons for each thread
343 .BR charon.plugins.load-tester.delete_after_established " [no]"
344 Delete an IKE_SA as soon as it has been established
346 .BR charon.plugins.load-tester.digest " [sha1]"
347 Digest algorithm used when issuing certificates
349 .BR charon.plugins.load-tester.dpd_delay " [0]"
350 DPD delay to use in load test
352 .BR charon.plugins.load-tester.dynamic_port " [0]"
353 Base port to be used for requests (each client uses a different port)
355 .BR charon.plugins.load-tester.eap_password " [default-pwd]"
356 EAP secret to use in load test
358 .BR charon.plugins.load-tester.enable " [no]"
359 Enable the load testing plugin
361 .BR charon.plugins.load-tester.esp " [aes128-sha1]"
362 CHILD_SA proposal to use for load tests
364 .BR charon.plugins.load-tester.fake_kernel " [no]"
365 Fake the kernel interface to allow load-testing against self
367 .BR charon.plugins.load-tester.ike_rekey " [0]"
368 Seconds to start IKE_SA rekeying after setup
370 .BR charon.plugins.load-tester.init_limit " [0]"
371 Global limit of concurrently established SAs during load test
373 .BR charon.plugins.load-tester.initiator " [0.0.0.0]"
374 Address to initiate from
376 .BR charon.plugins.load-tester.initiators " [0]"
377 Number of concurrent initiator threads to use in load test
379 .BR charon.plugins.load-tester.initiator_auth " [pubkey]"
380 Authentication method(s) the intiator uses
382 .BR charon.plugins.load-tester.initiator_id
383 Initiator ID used in load test
385 .BR charon.plugins.load-tester.initiator_match
386 Initiator ID to match against as responder
388 .BR charon.plugins.load-tester.initiator_tsi
389 Traffic selector on initiator side, as proposed by initiator
391 .BR charon.plugins.load-tester.initiator_tsr
392 Traffic selector on responder side, as proposed by initiator
394 .BR charon.plugins.load-tester.iterations " [1]"
395 Number of IKE_SAs to initiate by each initiator in load test
397 .BR charon.plugins.load-tester.issuer_cert
398 Path to the issuer certificate (if not configured a hard-coded value is used)
400 .BR charon.plugins.load-tester.issuer_key
401 Path to private key that is used to issue certificates (if not configured a
402 hard-coded value is used)
404 .BR charon.plugins.load-tester.mode " [tunnel]"
405 IPsec mode to use, one of \fBtunnel\fR, \fBtransport\fR, or \fBbeet\fR.
407 .BR charon.plugins.load-tester.pool
408 Provide INTERNAL_IPV4_ADDRs from a named pool
410 .BR charon.plugins.load-tester.preshared_key " [default-psk]"
411 Preshared key to use in load test
413 .BR charon.plugins.load-tester.proposal " [aes128-sha1-modp768]"
414 IKE proposal to use in load test
416 .BR charon.plugins.load-tester.responder " [127.0.0.1]"
417 Address to initiation connections to
419 .BR charon.plugins.load-tester.responder_auth " [pubkey]"
420 Authentication method(s) the responder uses
422 .BR charon.plugins.load-tester.responder_id
423 Responder ID used in load test
425 .BR charon.plugins.load-tester.responder_tsi " [initiator_tsi]"
426 Traffic selector on initiator side, as narrowed by responder
428 .BR charon.plugins.load-tester.responder_tsr " [initiator_tsr]"
429 Traffic selector on responder side, as narrowed by responder
431 .BR charon.plugins.load-tester.request_virtual_ip " [no]"
432 Request an INTERNAL_IPV4_ADDR from the server
434 .BR charon.plugins.load-tester.shutdown_when_complete " [no]"
435 Shutdown the daemon after all IKE_SAs have been established
437 .BR charon.plugins.load-tester.socket " [unix://@piddir@/charon.ldt]"
438 Socket provided by the load-tester plugin
440 .BR charon.plugins.load-tester.version " [0]"
441 IKE version to use (0 means use IKEv2 as initiator and accept any version as
444 .SS Configuration details
445 For public key authentication, the responder uses the
446 .B \(dqCN=srv, OU=load-test, O=strongSwan\(dq
447 identity. For the initiator, each connection attempt uses a different identity
449 .BR "\(dqCN=c1-r1, OU=load-test, O=strongSwan\(dq" ,
450 where the first number inidicates the client number, the second the
451 authentication round (if multiple authentication is used).
453 For PSK authentication, FQDN identities are used. The server uses
454 .BR srv.strongswan.org ,
455 the client uses an identity in the form
456 .BR c1-r1.strongswan.org .
458 For EAP authentication, the client uses a NAI in the form
459 .BR 100000000010001@strongswan.org .
461 To configure multiple authentication, concatenate multiple methods using, e.g.
463 initiator_auth = pubkey|psk|eap-md5|eap-aka
466 The responder uses a hardcoded certificate based on a 1024-bit RSA key.
467 This certificate additionally serves as CA certificate. A peer uses the same
468 private key, but generates client certificates on demand signed by the CA
469 certificate. Install the Responder/CA certificate on the remote host to
470 authenticate all clients.
472 To speed up testing, the load tester plugin implements a special Diffie-Hellman
473 implementation called modpnull. By setting
475 proposal = aes128-sha1-modpnull
477 this wicked fast DH implementation is used. It does not provide any security
478 at all, but allows one to run tests without DH calculation overhead.
481 In the simplest case, the daemon initiates IKE_SAs against itself using the
482 loopback interface. This will actually establish double the number of IKE_SAs,
483 as the daemon is initiator and responder for each IKE_SA at the same time.
484 Installation of IPsec SAs would fails, as each SA gets installed twice. To
485 simulate the correct behavior, a fake kernel interface can be enabled which does
486 not install the IPsec SAs at the kernel level.
488 A simple loopback configuration might look like this:
492 # create new IKE_SAs for each CHILD_SA to simulate
495 # turn off denial of service protection
502 # use 4 threads to initiate connections
505 # each thread initiates 1000 connections
507 # delay each initiation in each thread by 20ms
509 # enable the fake kernel interface to
517 This will initiate 4000 IKE_SAs within 20 seconds. You may increase the delay
518 value if your box can not handle that much load, or decrease it to put more
519 load on it. If the daemon starts retransmitting messages your box probably can
520 not handle all connection attempts.
522 The plugin also allows one to test against a remote host. This might help to
523 test against a real world configuration. A connection setup to do stress
524 testing of a gateway might look like this:
534 # 10000 connections, ten in parallel
537 # use a delay of 100ms, overall time is:
538 # iterations * delay = 100s
540 # address of the gateway
542 # IKE-proposal to use
543 proposal = aes128-sha1-modp1024
544 # use faster PSK authentication instead
548 # request a virtual IP using configuration
550 request_virtual_ip = yes
551 # enable CHILD_SA every 60s
558 .SH IKEv2 RETRANSMISSION
559 Retransmission timeouts in the IKEv2 daemon charon can be configured globally
560 using the three keys listed below:
564 .BR charon.retransmit_base " [1.8]"
565 .BR charon.retransmit_timeout " [4.0]"
566 .BR charon.retransmit_tries " [5]"
570 The following algorithm is used to calculate the timeout:
573 relative timeout = retransmit_timeout * retransmit_base ^ (n-1)
578 is the current retransmission count.
580 Using the default values, packets are retransmitted in:
586 Retransmission Relative Timeout Absolute Timeout
599 \fBipsec.conf\fR(5), \fBipsec.secrets\fR(5), \fBipsec\fR(8), \fBcharon-cmd\fR(8)
603 .UR http://www.strongswan.org
606 by Tobias Brunner, Andreas Steffen and Martin Willi.