1 .SH LOGGER CONFIGURATION
3 .BR strongswan.conf (5)
4 provide a much more flexible way to configure loggers for the IKE daemon charon
11 If any loggers are specified in strongswan.conf,
13 does not have any effect.
15 There are currently two types of loggers:
18 Log directly to a file and are defined by specifying an arbitrarily named
21 section. The full path to the file is configured in the \fIpath\fR setting of
22 that subsection, however, if it only contains characters permitted in section
23 names, the setting may also be omitted and the path specified as name of the
24 subsection. To log to the console the two special filenames
25 .BR stdout " and " stderr
29 Log into a syslog facility and are defined by specifying the facility to log to
30 as the name of a subsection in the
32 section. The following facilities are currently supported:
33 .BR daemon " and " auth .
35 Multiple loggers can be defined for each type with different log verbosity for
36 the different subsystems of the daemon.
41 Main daemon setup/cleanup/signal handling
44 IKE_SA manager, handling synchronization for IKE_SA access
53 Jobs queueing/processing and thread pool management
56 Configuration management and plugins
59 IPsec/Networking kernel interface
62 IKE network communication
65 Low-level encoding/decoding (ASN.1, X.509 etc.)
68 Packet encoding/decoding encryption/decryption operations
71 libtls library messages
74 libipsec library messages
77 libstrongwan library messages
80 Trusted Network Connect
83 Integrity Measurement Collector
86 Integrity Measurement Verifier
89 Platform Trust Service
96 Very basic auditing logs, (e.g. SA up/SA down)
99 Generic control flow with errors, a good default to see what's going on
102 More detailed debugging control flow
105 Including RAW data dumps in Hex
108 Also include sensitive material in dumps, e.g. keys
115 path = /var/log/charon.log
116 time_format = %b %e %T
127 # enable logging to LOG_DAEMON, use defaults
130 # minimalistic IKE auditing logging to LOG_AUTHPRIV
139 .SH JOB PRIORITY MANAGEMENT
140 Some operations in the IKEv2 daemon charon are currently implemented
141 synchronously and blocking. Two examples for such operations are communication
142 with a RADIUS server via EAP-RADIUS, or fetching CRL/OCSP information during
143 certificate chain verification. Under high load conditions, the thread pool may
144 run out of available threads, and some more important jobs, such as liveness
145 checking, may not get executed in time.
147 To prevent thread starvation in such situations job priorities were introduced.
148 The job processor will reserve some threads for higher priority jobs, these
149 threads are not available for lower priority, locking jobs.
151 Currently 4 priorities have been defined, and they are used in charon as
155 Priority for long-running dispatcher jobs.
158 INFORMATIONAL exchanges, as used by liveness checking (DPD).
161 Everything not HIGH/LOW, including IKE_SA_INIT processing.
164 IKE_AUTH message processing. RADIUS and CRL fetching block here
166 Although IKE_SA_INIT processing is computationally expensive, it is explicitly
167 assigned to the MEDIUM class. This allows charon to do the DH exchange while
168 other threads are blocked in IKE_AUTH. To prevent the daemon from accepting more
169 IKE_SA_INIT requests than it can handle, use IKE_SA_INIT DROPPING.
171 The thread pool processes jobs strictly by priority, meaning it will consume all
172 higher priority jobs before looking for ones with lower priority. Further, it
173 reserves threads for certain priorities. A priority class having reserved
175 threads will always have
177 threads available for this class (either currently processing a job, or waiting
180 To ensure that there are always enough threads available for higher priority
181 tasks, threads must be reserved for each priority class.
183 .BR charon.processor.priority_threads.critical " [0]"
184 Threads reserved for CRITICAL priority class jobs
186 .BR charon.processor.priority_threads.high " [0]"
187 Threads reserved for HIGH priority class jobs
189 .BR charon.processor.priority_threads.medium " [0]"
190 Threads reserved for MEDIUM priority class jobs
192 .BR charon.processor.priority_threads.low " [0]"
193 Threads reserved for LOW priority class jobs
195 Let's consider the following configuration:
208 With this configuration, one thread is reserved for HIGH priority tasks. As
209 currently only liveness checking and stroke message processing is done with
210 high priority, one or two threads should be sufficient.
212 The MEDIUM class mostly processes non-blocking jobs. Unless your setup is
213 experiencing many blocks in locks while accessing shared resources, threads for
214 one or two times the number of CPU cores is fine.
216 It is usually not required to reserve threads for CRITICAL jobs. Jobs in this
217 class rarely return and do not release their thread to the pool.
219 The remaining threads are available for LOW priority jobs. Reserving threads
220 does not make sense (until we have an even lower priority).
222 To see what the threads are actually doing, invoke
223 .IR "ipsec statusall" .
224 Under high load, something like this will show up:
227 worker threads: 2 or 32 idle, 5/1/2/22 working,
228 job queue: 0/0/1/149, scheduled: 198
231 From 32 worker threads,
235 are running CRITICAL priority jobs (dispatching from sockets, etc.).
237 is currently handling a HIGH priority job. This is actually the thread currently
238 providing this information via stroke.
240 are handling MEDIUM priority jobs, likely IKE_SA_INIT or CREATE_CHILD_SA
243 are handling LOW priority jobs, probably waiting for an EAP-RADIUS response
244 while processing IKE_AUTH messages.
246 The job queue load shows how many jobs are queued for each priority, ready for
247 execution. The single MEDIUM priority job will get executed immediately, as
248 we have two spare threads reserved for MEDIUM class jobs.
250 .SH IKE_SA_INIT DROPPING
251 If a responder receives more connection requests per seconds than it can handle,
252 it does not make sense to accept more IKE_SA_INIT messages. And if they are
253 queued but can't get processed in time, an answer might be sent after the
254 client has already given up and restarted its connection setup. This
255 additionally increases the load on the responder.
257 To limit the responder load resulting from new connection attempts, the daemon
258 can drop IKE_SA_INIT messages just after reception. There are two mechanisms to
259 decide if this should happen, configured with the following options:
261 .BR charon.init_limit_half_open " [0]"
262 Limit based on the number of half open IKE_SAs. Half open IKE_SAs are SAs in
263 connecting state, but not yet established.
265 .BR charon.init_limit_job_load " [0]"
266 Limit based on the number of jobs currently queued for processing (sum over all
269 The second limit includes load from other jobs, such as rekeying. Choosing a
270 good value is difficult and depends on the hardware and expected load.
272 The first limit is simpler to calculate, but includes the load from new
273 connections only. If your responder is capable of negotiating 100 tunnels/s, you
274 might set this limit to 1000. The daemon will then drop new connection attempts
275 if generating a response would require more than 10 seconds. If you are
276 allowing for a maximum response time of more than 30 seconds, consider adjusting
277 the timeout for connecting IKE_SAs
278 .RB ( charon.half_open_timeout ).
279 A responder, by default, deletes an IKE_SA if the initiator does not establish
280 it within 30 seconds. Under high load, a higher value might be required.
283 To do stability testing and performance optimizations, the IKE daemon charon
284 provides the \fIload-tester\fR plugin. This plugin allows one to setup thousands
285 of tunnels concurrently against the daemon itself or a remote host.
288 Never enable the load-testing plugin on productive systems. It provides
289 preconfigured credentials and allows an attacker to authenticate as any user.
291 .SS Configuration details
292 For public key authentication, the responder uses the
293 .B \(dqCN=srv, OU=load-test, O=strongSwan\(dq
294 identity. For the initiator, each connection attempt uses a different identity
296 .BR "\(dqCN=c1-r1, OU=load-test, O=strongSwan\(dq" ,
297 where the first number indicates the client number, the second the
298 authentication round (if multiple authentication rounds are used).
300 For PSK authentication, FQDN identities are used. The server uses
301 .BR srv.strongswan.org ,
302 the client uses an identity in the form
303 .BR c1-r1.strongswan.org .
305 For EAP authentication, the client uses a NAI in the form
306 .BR 100000000010001@strongswan.org .
308 To configure multiple authentication rounds, concatenate multiple methods using,
311 initiator_auth = pubkey|psk|eap-md5|eap-aka
314 The responder uses a hardcoded certificate based on a 1024-bit RSA key.
315 This certificate additionally serves as CA certificate. A peer uses the same
316 private key, but generates client certificates on demand signed by the CA
317 certificate. Install the Responder/CA certificate on the remote host to
318 authenticate all clients.
320 To speed up testing, the load tester plugin implements a special Diffie-Hellman
321 implementation called \fImodpnull\fR. By setting
323 proposal = aes128-sha1-modpnull
325 this wicked fast DH implementation is used. It does not provide any security
326 at all, but allows one to run tests without DH calculation overhead.
329 In the simplest case, the daemon initiates IKE_SAs against itself using the
330 loopback interface. This will actually establish double the number of IKE_SAs,
331 as the daemon is initiator and responder for each IKE_SA at the same time.
332 Installation of IPsec SAs would fail, as each SA gets installed twice. To
333 simulate the correct behavior, a fake kernel interface can be enabled which does
334 not install the IPsec SAs at the kernel level.
336 A simple loopback configuration might look like this:
340 # create new IKE_SAs for each CHILD_SA to simulate
343 # turn off denial of service protection
350 # use 4 threads to initiate connections
353 # each thread initiates 1000 connections
355 # delay each initiation in each thread by 20ms
357 # enable the fake kernel interface to
365 This will initiate 4000 IKE_SAs within 20 seconds. You may increase the delay
366 value if your box can not handle that much load, or decrease it to put more
367 load on it. If the daemon starts retransmitting messages your box probably can
368 not handle all connection attempts.
370 The plugin also allows one to test against a remote host. This might help to
371 test against a real world configuration. A connection setup to do stress
372 testing of a gateway might look like this:
382 # 10000 connections, ten in parallel
385 # use a delay of 100ms, overall time is:
386 # iterations * delay = 100s
388 # address of the gateway
390 # IKE-proposal to use
391 proposal = aes128-sha1-modp1024
392 # use faster PSK authentication instead
396 # request a virtual IP using configuration
398 request_virtual_ip = yes
399 # enable CHILD_SA every 60s
406 .SH IKEv2 RETRANSMISSION
407 Retransmission timeouts in the IKEv2 daemon charon can be configured globally
408 using the three keys listed below:
412 .BR charon.retransmit_base " [1.8]"
413 .BR charon.retransmit_timeout " [4.0]"
414 .BR charon.retransmit_tries " [5]"
415 .BR charon.retransmit_jitter " [0]"
416 .BR charon.retransmit_limit " [0]"
420 The following algorithm is used to calculate the timeout:
423 relative timeout = retransmit_timeout * retransmit_base ^ (n-1)
428 is the current retransmission count. The calculated timeout can't exceed the
429 configured retransmit_limit (if any), which is useful if the number of retries
432 If a jitter in percent is configured, the timeout is modified as follows:
435 relative timeout -= random(0, retransmit_jitter * relative timeout)
438 Using the default values, packets are retransmitted in:
444 Retransmission Relative Timeout Absolute Timeout
455 The variables used above are configured as follows:
461 ${random_device} @random_device@
462 ${urandom_device} @urandom_device@
470 /etc/strongswan.conf configuration file
471 /etc/strongswan.d/ directory containing included config snippets
472 /etc/strongswan.d/charon/ plugin specific config snippets
477 \fBipsec.conf\fR(5), \fBipsec.secrets\fR(5), \fBipsec\fR(8), \fBcharon-cmd\fR(8)
481 .UR http://www.strongswan.org
484 by Tobias Brunner, Andreas Steffen and Martin Willi.