Subject: Re: filtering a bridge
To: Wolfgang Rupprecht <>
From: Paul Dokas <>
List: current-users
Date: 02/09/2002 15:30:30
On Fri, Feb 08, 2002 at 01:48:48PM -0800, Wolfgang Rupprecht wrote:
> For what it is worth, I see a similar problem here when running
> isakmpd on -current/x86.  The server's netbsd-current/x86 kernel hangs
> after a night of isakmpd trying unsuccessfully to contact that
> sleeping peer (which is a laptop w. an apm sleep feature).

Sure, I can see this being the same bug.  The only thing that leaves a doubt
for me is that you don't mention a panic.  This bug has always been accompanied
by a panic for me.

> I've also given up on ipsec for the time being.

Actually I've *far* from given up with IPSec.  On the contrary, for static
point to point links, tunnels and very limited mobile use, I've found it
extremely useful.  The hardest thing about it for me was simply figuring
out all of it's features and figuring out how to make racoon/isakmpd work
properly.  Especially when using certificates to authenticate endpoints.

Paul Dokas                                  
Don Juan Matus:  "an enigma wrapped in mystery wrapped in a tortilla."