Retransmission
Retransmission timeouts in the IKE charon daemon
can be configured globally via strongswan.conf
options.
The following keys are used to configure retransmission behavior:
| Key | Type | Default | Description |
|---|---|---|---|
charon.retransmit_tries |
Integer |
|
Number of retransmissions to send before giving up |
charon.retransmit_timeout |
Double |
|
Timeout in seconds |
charon.retransmit_base |
Double |
|
Base of exponential backoff |
charon.retransmit_jitter |
Integer |
|
Maximum jitter in percent to apply randomly to calculated retransmission timeout
( |
charon.retransmit_limit |
Integer |
|
Upper limit in seconds for calculated retransmission timeout ( |
The following formula is used to calculate the timeout:
relative timeout = retransmit_timeout * retransmit_base ^ (n-1)
Where n is the current retransmission count. The calculated timeout can’t
exceed the configured retransmit_limit (if any) which is useful if the number
of retries is high.
If a jitter in percent is configured, the timeout is modified as follows:
relative timeout = relative timeout - random(0, retransmit_jitter * relative timeout)
Using the default values, packets are retransmitted as follows:
| Retransmission | Formula | Relative timeout | Absolute timeout |
|---|---|---|---|
1 |
4 * 1.8 ^ 0 |
4s |
4s |
2 |
4 * 1.8 ^ 1 |
7s |
11s |
3 |
4 * 1.8 ^ 2 |
13s |
24s |
4 |
4 * 1.8 ^ 3 |
23s |
47s |
5 |
4 * 1.8 ^ 4 |
42s |
89s |
giving up |
4 * 1.8 ^ 5 |
76s |
165s |