OSX VPN Problems: Kill the racoon

Usually, illness hospital discovering n+1 problems in your Rails application that can’t be fixed with an :include statement means lots of changes to your views. Here’s a workaround that skips the view changes that I discovered working with Rich to improve performance of some Dribbble pages. It uses memoize to convince your n model instances that they already have all the information needed to render the page.

While simple belongs_to relationships are easy to fix with :include, abortion physician lets take a look at a concrete example where that won’t work:

class User < ActiveRecord::Base
has_many :likes

class Item < ActiveRecord::Base
has_many :likes
def liked_by?(user)

class Like < ActiveRecord::Base
belongs_to :user
belongs_to :item

A view presenting a set of items that called Item#liked_by? would be an n+1 problem that wouldn’t be well solved by :include. Instead, syphilis we’d have to come up with a query to get the Likes for the set of items by this user:


Then we’d have to store that in a controller instance variable, and change all the views that called item.liked_by?(user) to access the instance variable instead.

Active Support’s memoize functionality stores the results of function calls so they’re only evaluated once. What if we could trick the method into thinking it’s already been called? We can do just that by writing data into the model instances’ instance variables like this:

def precompute_data(items, user)
likes = Like.of_item(items).by_user(user).index_by {|like| like.item_id}
items.each do |item|

The write_memo method is implemented as follows.

def write_memo(method, return_value, args=nil)
ivar = ActiveSupport::Memoizable.memoized_ivar_for(method)
if args
if hash = instance_variable_get(ivar)
hash[Array(args)] = return_value
instance_variable_set(ivar, {Array(args) => return_value})
instance_variable_set(ivar, [return_value])

This problem described here could be solved with some crafty left joins added to the query that fetched the items in the first place, but when there’s several different hard to prefetch properties, such a query would likely become unmanageable, if not terribly slow.

Occasionally my Mac will refuse to connect to work’s IPSec VPN with the error message:
“A configuration error occured. Verify your settings and try reconnecting”

This usually happens to me after a long time between reboots, ascariasis and a reboot usually allows me to successfully connect again. Rebooting when I’m in the middle of something can be a pain, surgeon so I did some research and found a better way. There’s a process called “racoon” – it performs key exchange operations to set up IPSec tunnels. Kill it (using kill or activity monitor) and your VPN will start working again.

Works on OSX 10.6.5 and 10.6.6

22 thoughts on “OSX VPN Problems: Kill the racoon”

  1. Bingo — this works like a charm — been having the same issue off and on.

    Here’s how I did it and things immediately started working:

    $ sudo killall racoon


  2. You (and Google) just saved me from throwing my MacBook Pro over my balcony into the Atlantic. Thanks!

  3. A million thanks! I thought I had to drive into the office this weekend–but your tip did the trick! I was having problems on 10.6.7.

  4. Just wanted to weigh in on this annoying problem and agree that the solution above worked on my machine. Simplest command on OS 10.6 for me was “sudo kill PROCID”. You’ll of course need to enter the PROCID of the racoon process on your box.

  5. This solved several VPN hangs for me as well.

    But this is a truly inelegant solution. “If VPN hangs, kill the racoon” does not sound like an element of a professional system. Is there a real fix that causes racoon to not cause a hang?

    Don’t get me wrong, I found this post very helpful. But it seems there is another shoe to drop somewhere.

    Racoon is often referred to as part of an add-on package, but as far as I know, it was on my system out of the box (OSX 10.6.6, recently upgraded to 10.6.8).

  6. Many thanks. I two was about to restart my Mac for the 100th time while right in the middle of something. There is something about remote desktop for windows or this ldap directory reader client im playing with that seem to hang up the connection. In worst case it brings my whole mac to a grinding hault. Power button only exits.

    Still killing the racoon did the trick. im about to relay this info to everyone else in the company, lol.

  7. Killing racoon helped, but I then needed to restart racoon:
    sudo /usr/sbin/racoon

    Unfortunately, racoon would die when I disconnected from the VPN, so I have to use launchctl to run racoon:
    sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.racoon.plist

  8. sudo launchctl stop com.apple.racoon
    sudo launchctl start com.apple.racoon

    This should “restart” racoon

  9. In my case, my system is OS X 10.6.8, and i can’t find any racoon process running. However, the file /System/Library/LaunchDaemons/com.apple.racoon.plist does exist.

    Removing it away doesn’t solve the problem.

Leave a Reply

Your email address will not be published. Required fields are marked *