dead connection after "Error in the pull function"

Fri Aug 12 09:38:29 PDT 2022

On Wed, Aug 10, 2022 at 1:37 PM Bernd Schubert
<bernd.schubert at fastmail.fm> wrote:
> At least for me the interesting part is that openconnect is not sending
> these ESP probes anymore then - I wonder if it is hanging. Going to get
> pstack output tomorrow.
>
> So I enabled time stamps now (thanks for the parameter)
>
> 1)
> ...
> [2022-08-10 21:22:11] ESP session established with server
> [2022-08-10 21:22:33] Send ESP probes for DPD
> [2022-08-10 21:23:03] Send ESP probes for DPD
> ....
> [2022-08-10 21:42:35] Send ESP probes for DPD
> [2022-08-10 21:42:42] ESP detected dead peer    <-------- Hmmm
> [2022-08-10 21:42:42] UDP SO_SNDBUF: 28000
> [2022-08-10 21:43:42] Send ESP probes
> [2022-08-10 21:44:42] Send ESP probes
> ...
> [2022-08-10 21:53:13] Send ESP probes
> [2022-08-10 21:53:53] Read error on SSL session: Error in the pull function.
> ...
>
> ===> >30 min
>
>
> 2)
> ....
> [2022-08-10 21:57:46] ESP session established with server
> [2022-08-10 21:58:01] Send ESP probes for DPD
> [2022-08-10 21:58:16] Send ESP probes for DPD
> ...
> [2022-08-10 22:02:32] Send ESP probes for DPD
> [2022-08-10 22:02:35] Read error on SSL session: Error in the pull function.
>
> ===> <5min
>
> With 2 runs (it gets late here) once around 30 min and another time
> around 5 minutes.

Thanks for checking this. Yeah, doesn't look like a perfectly
consistent timing here.

We will need to do some experimenting against our Pulse test server to
try to figure out how to send keepalives to the TLS channel.

Dan