Subject: Re: filtering a bridge
To: None <>
From: Wolfgang Rupprecht <>
List: current-users
Date: 02/08/2002 13:48:48 (Paul Dokas) writes:
> Also, WRT supporting mobile users.  It would really help if someone could
> look into kern/13813 for me.  It's really easy to repeat (see the racoon
> config files that I posted last week in tech-net).  Without a fix, I
> can't use NetBSD to support mobile IPSec users.  However, this is not
> as big a deal as filtering a bridge.

For what it is worth, I see a similar problem here when running
isakmpd on -current/x86.  The server's netbsd-current/x86 kernel hangs
after a night of isakmpd trying unsuccessfully to contact that
sleeping peer (which is a laptop w. an apm sleep feature).

As far as I can tell from poking at the log files and seeing when the
last entry was, the hang happens around the time when the laptop comes
out of sleep-mode in the morning.  The laptop's kernel (which is the
same kernel as the workstation) is fine.  It is only the desktop that
wedges (w. no video sync, no pings, no console switching etc).

I've also given up on ipsec for the time being.

       Wolfgang Rupprecht <>
Coming soon: GPS mapping tools for Open Systems.