IPSEC/FAST_IPSEC panic.
Matthew Dillon
dillon at apollo.backplane.com
Sun Apr 23 14:59:21 PDT 2006
:I have been experiencing panics when testing IPSEC under HEAD. The
:Kernel panics when sending or receiving Authentication Headers (AH) and
:TCP connections encapsulated in ESP time out.
:
:I've made some progress resolving the panic but I can't get IPSEC or
:FAST_IPSEC to work correctly. I've gone through the ipsec code looking
:for any glaring errors. Any help would be appreciated.
:
:Regards
:
:Gary
:
:Communication between DragonFly Head and FreeBSD 4/6 using IPSEC.
:
:
:options IPSEC
:options IPSEC_ESP
:
:IPSEC AH ICMP, UDP and TCP are working between PCs.
:IPSEC ESP ICMP and UDP work. TCP connections time out.
:IPSEC AH-ESP ICMP and UDP work. TCP connections time out.
I tested your config file between a FreeBSD-6.x and a DragonFly
box and ICMP, UDP, and TCP seems to work.
Could you explain the TCP timeout issue more? Does TCP work initially
and then fail at some point after the connection has been working for
a whlie ? I need to be able to duplicate the problem to track it down.
It might also help to use tcpdump to observe the packet traffic at the
point where the connection starts to fail and times out.
tcpdump -s 4096 -vvv -i em0 -n -l port <port_you_are_testing_tcp_on>
-Matt
More information about the Bugs
mailing list