Subject: Re: VAX code generation problem wrt IPSEC?
To: None <email@example.com, firstname.lastname@example.org>
From: Olaf Seibert <email@example.com>
Date: 11/12/2001 01:04:24
On Sun 11 Nov 2001 at 21:57:15 +0100, Olaf Seibert wrote:
> I am now compiling a -O0 kernel to see if it makes more difference.
For starters, it breaks savecore and domain lookups:
savecore: can't find device 3536/854608
ntpdate: can't find host azenomei.falu.nl
ntpdate: no servers can be used, exiting
00:49:33.214965 xzan.falu.nl.65519 > azenomei.falu.nl.domain: 63033+ A? azenomei.falu.nl.falu.nl. (42)
(with no reply)
00:50:48.441532 azenomei.falu.nl > xzan.falu.nl: icmp: echo request
and pings are not replied to anymore.
00:57:35.688598 xzan.falu.nl > azenomei.falu.nl: icmp: echo request
Pings from the vax are also not replied by the alpha??? tcpdump, running
on the alpha can see them though.
I briefly thought I had not turned off all IPsec stuff on the alpha side
(azenomei) but since tcpdunp shows this stuff in the clear, that cannot
be the case.
Looking at netstat -s gives apparently the answer:
42720111 total packets received
195 bad header checksums (and rising)
So if -O0 really breaks all that stuff it will not be very useful for
testing. At least the checksum algorithm is affected, maybe that gives a
hint for what's wrong with IPsec.
___ Olaf 'Rhialto' Seibert - rhialto@polder --They that can give up essential
\X/ land.nl --liberty to purchase a little temporary safety
--------------deserve neither liberty or safety. - Benjamin Franklin, 1759
---People will accept your ideas much more readily if you tell them that
---Benjamin Franklin said it first. - Unknown