Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: racoon lossage with netbsd-5

On Mon, 26 Jan 2009, Greg Troxel wrote:
netbsd-5 on i386 from January 8th, userland and kernel matching.

2009-01-26 21:17:43: INFO: initiate new phase 2 negotiation: [redacted]
2009-01-26 21:17:43: ERROR: pfkey UPDATE failed: No such file or directory
2009-01-26 21:17:43: INFO: IPsec-SA established: ESP/Transport 192.[redacted]

There were two larval SAs, and the first one got made real, the second
faded awy.  I have been using IPsec on this box for a long time.  I
think this worked post update and then stopped, but I'm not really sure.

FWIW, I've seen the same a few days ago, also on netbsd-5.

I have a netbsd-5 machine talking to a NetBSD 4.0.1 one, and the latter workes fine, the former gives the above-mentioned error.

I've also tried to replace the netbsd-5 racoon, with varying results:
 * putting a ipsec-tools-0.7.1 compiled for 4.0.1 on the netbsd-5
   machine scores the same error
 * taking the racoon (and shared libs, and setkey) from the 4.0.1
   base system, things got further.

Not sure what the state of netbsd-5's racoon really is...
please keep me posted.

 - Hubert

Home | Main Index | Thread Index | Old Index