StrongSwan's charon (v4.5.2) has some problems.
1. Collision occurs at rekey, VPN keep disconnected.
when keylife is short , Collision occurs at rekey.
IKEv2 05[IKE] CHILD_SA rekey collision lost, deleting rekeyed child
I'd backport this issue.
2. Collision occurs at rekey, segmentation fault occurs with IPsec VTI
ipsec_starter: charon has died -- restart scheduled (5sec)
A null pointer is referenced and a segmentation fault occurs.
The above problems can be reproduced by bellow setting.
ipsec.conf --- keylife=10s rekeymargin=5s rekeyfuzz=0%
working fine at nifcloud VPN Gateway.