Re: [Ipsec-tools-devel] further development?
Brought to you by:
mit_warlord,
netbsd
From: Michal L. <mic...@lo...> - 2003-08-22 09:05:06
|
uwe...@t-... told me that: > I'm using a configuration with Linux/Microsoft roadwarriors using X509 > certificates . I have a lot of linux servers in our company production > but not a single BSD one. So this would be a completly new family of OS > for. It's not that different - it's still a UNIX ;-) > With the current implementation I have the following problems: > 1.) A connection is perfectly established between 2 linux partners. ssh > to the remote client works fine. Starting a top freezes in the middle > of the screen. Further connections are still possible, but also will > freeze when using top again. Don't know if this is a kernel or > userspace issue. I can't reproduce this. I have SuSE Linux 8.2 on both sides, once with distribution kernel 2.4.20 and freeswan.rpm and the other side runs with 2.6.0-test3 and ipsec-tools-0.2.2. I used ssh to login there and back several times and now also tried top and observed no problems... > 2.) After several tunnel up down seequences racoon(from my point of > view) doesn' t work anymore. Doesn't work mean that it hangs or couldn't establish (phase1/phase2) SA or couldn't write the SA to the kernel? Does it print some error messages to the log? > setkey -D hangs too and I have to reboot > to get it to work again. Can you realise where setkey hangs? For example attaching to that process with gdb and do a backtrace? # gdb /path/to/setkey <PID-of-setkey> [...] (gdb) backtrace > My problem is to figure out if this are kernel or tools problems. So if > possible I would prefer to get some hints. I'll try to up-down racoon several times and see if I could reproduce the hanging. ML |