Wind River Support Network


LIN6-8709 : CLONE - Racoon Using 100% CPU

Created: Nov 9, 2014    Updated: Dec 3, 2018
Resolved Date: Nov 16, 2014
Previous ID: LIN4-31924
Found In Version: 6.0
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace


Codenomicon ISAKMP robustness test is causing 100% CPU usage from racoon.

Steps to Reproduce

One IPSec tunnel is configured between Target (2a00:8a00:4000:11b1::5) and Codenomicon machine(2a00:8a00:4000:10f4:21d:60ff:feb9:91f1).

IPSec rule at both ends:
2a00:8a00:4000:11b1::5/128  <-> 2a00:8a00:4000:10f4:21d:60ff:feb9:91f1/128

Two other ipsec tunnels are configured for LI(Lawful Interception) traffic between Target and VPNGW

a.   <->
b. 2a00:8a00:4000:11b1::5  <-> 2a00:8a00:4000:11f9::3

IPSec rules at both ends:
a. 2a00:8a00:4000:11b4::/64  <-> 2a00:8a00:4000:11b6::5/128
b.    <->

During test execution, CPU usage by racoon increases to 100% over the duration of 3-4 hours.

strace  on racoon reveals that raccoon is stuck in an indefinite loop doing recvfrom() call at socket descriptor 0.
This socket descriptor 0 is the pfkey descriptor - as found out from /proc entries.

After racoon enters busy loop, it becomes dormant and do not respond to any other messages leading to failures in Codenomicon testcases.

Other Downloads

Live chat