Hello, all!

Running ipsec-tools 0.7.2 on Mandriva 2009.1 I've observed behavior that I believe is a defect: whenever a "racoonctl reload-config" is issued, it appears (by inspecting the corresponding /proc/<pid>/fd directory) that file descriptors are being left open for old configurations instead of closing them when no longer needed.  Needless to say - run the server long enough and it will run out of file descriptors depending on ulimit configurations and such.

Can someone else confirm this behavior?  Simply inspect the contents of /proc/<racoon-pid>/fd before issueing "racoonctl reload-config", and then inspect them after (and, obviously, compare).  You should see a duplicate list of file descriptors (i.e. everything was re-opened, but the old stuff was never closed).


Diego Rivera
Director / System Operations
Roundbox Global : enterprise : technology : genius
Avenida 11 y Calle 7-9, Barrio Amón, San José, Costa Rica
tel: +1 (404) 567-5000 ext. 2147 | cel: +(506) 8393-0772 | fax: +(506) 2258-3695
email: diego.rivera@rbxglobal.com | www.rbxglobal.com