Kernel 2.6.10 with IPSEC problems?

From: Joerg Platte
Date: Sun Dec 26 2004 - 10:03:32 EST

Next message: Parag Warudkar: "Re: Ho ho ho - Linux v2.6.10 [USB Issues]"
Previous message: Mark Williams (MWP): "2.6.10 make script problems"
Next in thread: Patrick McHardy: "Re: Kernel 2.6.10 with IPSEC problems?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

After an upgrade from 2.6.9 to 2.6.10 my IPSEC tunnel does not work as usual.
My computer and the VPN-gateway can negotiate and build a tunnel and packets
can use the tunnel. But then packets which must be routed get lost somewhere
inside the kernel. tcpdump shows them first encrypted in ESP packets and then
the unencrypted payload on the same interface. But they do not leave the
kernel on the destination interface. Only packets with my computer as
destination are processed. I did not change my IPSEC configuration and the
kernel was configured using "make oldconfig".

Is there a problem in the routing layer somewhere inside the kernel or an
internal change which requires a configuration change on my side? How can I
determine, where and why the packets inside the kernel are thrown away?

To verify the problem I build a 2.6.10 kernel on the VPN gateway. And this
kernel seems to have the same problem. Previously encrypted packets are not
routed to th destination.

Downgrading to 2.6.9 solved the problem in both cases...

Regards,
Jörg
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Parag Warudkar: "Re: Ho ho ho - Linux v2.6.10 [USB Issues]"
Previous message: Mark Williams (MWP): "2.6.10 make script problems"
Next in thread: Patrick McHardy: "Re: Kernel 2.6.10 with IPSEC problems?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]