On Tue, Aug 03, 2021 at 12:17:38PM +0100, Stuart Henderson wrote:
> On 2021/08/03 01:12, Vitaliy Makkoveev wrote:
> > iked(8) uses 3 hours and 512 megabytes of processed data as the default
> > lifetime hard limits for a Child SA. It also sets 85-95% of these values as
> > the soft limit. iked(8) should perform rekeying before we reach the hard
> > limit, otherwise this SA will be killed and the tunnel stopped. With default
> > values the window is only 25-52 megabytes and we easily consume them
> > before rekeying and the tunnel stops.
> > 
> > Hrvoje Popovski complained about such stops when he tested ipsec(4)
> > related diffs. I also tried iked(8) with my macOS and found that a simple
> > "ping -f ..." makes rekeying impossible.
> > 
> > The hard limit could be modified in iked.conf(5) by setting "lifetime
> > xxx bytes yyy", but the 5% difference between hard and soft limits forces
> > one to set the bytes limit big enough, about 4G or more, which could be bad
> > for security reasons.
> > 
> > I propose to increase the default hard limit at least up to 1G. Also I
> > propose to decrease the soft limit down to 50-60% of the hard limit. This
> > keeps the rekeying frequency but increases the update window to 410-512
> > megabytes. Also this allows keeping the bytes in the "lifetime" setting
> > small enough.
> 
> I have a couple of comments:
> 
> - this isn't a problem I've run into with real-world usage or when
> running tcpbench over (moderately fast) internet connections - I'm not
> saying it doesn't happen, but it seems relatively uncommon; with
> connections at LAN speeds of course it's much more likely
> 
> - a 50% lower limit feels too low to me
> 

Why? The 95% limit is too close to lifetime expiration and, as was
shown, we don't have enough time to perform rekeying. I also had this
problem while testing iked(8) over a WiFi connection, and this is one of
the real-world usage cases.

> - your jitter change affects lifetime both in seconds and in bytes,
> I think changing the jitter for the seconds lifetime is a mistake
> 
> - the jitter change could result in some really short rekey intervals
> if somebody has manually specified lifetimes which are the same as or less
> than the current default
> 

The original code permits you to set "lifetime 1 bytes 1" in
iked.conf(5), so you could have an SA with a hard lifetime of 1 second and
1 byte and a soft lifetime of 0 seconds (disabled) and 0 bytes (disabled).
You could successfully connect but rekeying will never happen.

Is this an iked(8) problem or a wrong iked(8) setup problem? Who should
solve it (for example, print an error message and don't start up)?

> - looking at other IKEv2 implementations: if bytes lifetime is supported
> at all (several implementations don't have it, only time-based lifetime),
> the default settings rarely seem to use it
> 
> - 512MB is not really a lot of data
>

As I said, the 410-512Mb limit was chosen because "lifetime 3h bytes 4G"
works pretty well with the original iked(8) 95% jitter. At least for me and
Hrvoje. A 95% jitter with a 4G limit provides us 205Mb for rekeying.
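
The arithmetic behind the thread, as an added example that is not part of the mail or of iked's source: a small calculator that models a hard lifetime from iked.conf(5) "lifetime <secs> bytes <bytes>", a soft limit drawn as a percentage of it, and the resulting rekey window. It turns the window into seconds of headroom at a given link speed, which is what decides whether a bytes lifetime survives LAN speeds, and it flags the degenerate "lifetime 1 bytes 1" case where the soft limit truncates to 0 and rekeying never fires. The inclusive 85-95% range, the truncating integer percent math, and the 2-second "enough time to rekey" threshold are assumptions, not a transcription of iked.

```python
"""Rekey-headroom calculator for iked(8)-style Child SA lifetimes.

Added illustration for the thread above; not iked's own code. It models
the scheme the thread describes: the hard limit is what iked.conf(5)
"lifetime <secs> bytes <bytes>" sets, and the soft limit (where rekeying
starts) is a randomised percentage of the hard limit, 85-95% today. The
inclusive percentage range and the integer (truncating) percent
arithmetic are assumptions, not a transcription of iked's source.
"""

MiB = 1024 * 1024


def soft_limit(hard, jitter_pct):
    """Soft limit for one hard limit at one jitter percentage (integer math)."""
    return (hard * jitter_pct) // 100


def rekey_window(hard, jitter_lo=85, jitter_hi=95):
    """Return (min_window, max_window) = hard - soft across the jitter range.

    The window is the traffic (or time) iked has between the soft limit
    firing and the hard limit killing the SA; it is smallest when the soft
    limit is drawn at the top of the jitter range. If the soft limit
    truncates to 0 (e.g. "lifetime 1 bytes 1"), rekeying is disabled and
    the SA simply dies at the hard limit: return None.
    """
    if soft_limit(hard, jitter_lo) == 0:
        return None
    return (hard - soft_limit(hard, jitter_hi),
            hard - soft_limit(hard, jitter_lo))


def headroom_seconds(hard_bytes, throughput_bps, jitter_lo=85, jitter_hi=95):
    """Worst-case seconds available to finish a rekey at a given throughput.

    throughput_bps is in bytes per second. The window is fixed in bytes,
    so a faster link shrinks it to fractions of a second.
    """
    window = rekey_window(hard_bytes, jitter_lo, jitter_hi)
    if window is None:
        return 0.0
    return window[0] / throughput_bps


def check_config(lifetime_secs, lifetime_bytes, throughput_bps,
                 min_rekey_secs=2.0, jitter=(85, 95)):
    """Return a list of findings for an iked.conf(5)-style lifetime pair.

    min_rekey_secs is an assumed threshold for how long a CREATE_CHILD_SA
    exchange needs on a healthy link; tune it for your RTT and DH group.
    """
    lo, hi = jitter
    findings = []

    bytes_window = rekey_window(lifetime_bytes, lo, hi)
    if bytes_window is None:
        findings.append("bytes: soft limit truncates to 0, rekeying disabled, "
                        "SA will be torn down at %d bytes" % lifetime_bytes)
    else:
        secs = headroom_seconds(lifetime_bytes, throughput_bps, lo, hi)
        if secs < min_rekey_secs:
            findings.append("bytes: worst-case window is %d bytes, only %.2fs "
                            "at %d B/s" % (bytes_window[0], secs, throughput_bps))

    time_window = rekey_window(lifetime_secs, lo, hi)
    if time_window is None:
        findings.append("seconds: soft limit truncates to 0, rekeying disabled, "
                        "SA will be torn down after %ds" % lifetime_secs)
    elif time_window[0] < min_rekey_secs:
        findings.append("seconds: worst-case window is only %ds" % time_window[0])

    return findings


if __name__ == "__main__":
    # Constructed scenarios from the thread: the default 3h/512M at roughly
    # 1 Gbit/s (125 MB/s, LAN speed), the proposed 1G with 50-60% jitter,
    # and the degenerate "lifetime 1 bytes 1" that the original code accepts.
    for secs, nbytes, jit in ((3 * 3600, 512 * MiB, (85, 95)),
                              (3 * 3600, 1024 * MiB, (50, 60)),
                              (1, 1, (85, 95))):
        print("lifetime %d bytes %d jitter %s:" % (secs, nbytes, jit),
              check_config(secs, nbytes, 125_000_000, jitter=jit) or ["ok"])
```

With the default 512M limit the worst-case byte window is about 25.6 MiB, which at 125 MB/s is roughly 0.2 s; the proposed 1G limit with a 50-60% soft limit gives 410-512 MiB and a few seconds even at gigabit speed, while "lifetime 1 bytes 1" yields soft limits of 0 in both dimensions.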
