Everyday I have a lot of this messages:
9317: Apr 28 03:00:16.709: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for destaddr=89.175.xx.xx, prot=50, spi=0x6D715B56(1836145494), srcaddr=77.236.xx.xx
Then Virtual Tunnel Interfaces begin to bounce UP-DOWN.
Sometimes they "hang".
1. What causes them?
2. How can I avoid them?