Debian's racoon package's init script doesn't flush the SPD or SAD from the kernel on shutdown. When you fail over to another VPN firewall, you get 'no such process' complaints from the kernel even though you have a valid routing table.
bug #639970.