[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: [Ipsec-tools-devel] racoon+NAT-T and racoon+debug+IPv6 not so happy?
On Sun, Oct 26, 2008 at 12:31:21PM +0100, S.P.Zeidler wrote:
> before I unpack digging equipment:
> is it old news that racoon and a kernel with NAT-T  will result in a
> failure to do IPSEC because the pfkey update about NAT-T fails in phase 2
> and racoon decides to fail the entire connection?
As asked by other people, what are the exact versions of racoon and
NetBSD you're running ?
If you're running NetBSD-current and racoon-HEAD (which is probably
the shipped version with NetBSD-current), yes, it may be a well known
problem in PFKey interface, I started to clean it but it will need
more works on both kernel and userland.
> And also that you may get 'racoon: stack overflow detected; terminated'
> when using racoon -F -d and IPv6 at the same time? The latter is
> restricted to the debug mode, just racoon -F doesn't go splat.
Definitely looks like a bug :-)
Can you provide us more informations about that (a backtrace, some
more logs, etc...) ?
Main Index |
Thread Index |