Re: racoon lossage with netbsd-5

To: Greg Troxel <gdt%ir.bbn.com@localhost>
Subject: Re: racoon lossage with netbsd-5
From: Hubert Feyrer <hubert%feyrer.de@localhost>
Date: Tue, 27 Jan 2009 08:12:07 +0100 (CET)


On Mon, 26 Jan 2009, Greg Troxel wrote:

netbsd-5 on i386 from January 8th, userland and kernel matching.

2009-01-26 21:17:43: INFO: initiate new phase 2 negotiation: [redacted]
2009-01-26 21:17:43: ERROR: pfkey UPDATE failed: No such file or directory
2009-01-26 21:17:43: INFO: IPsec-SA established: ESP/Transport 192.[redacted]

There were two larval SAs, and the first one got made real, the second
faded awy.  I have been using IPsec on this box for a long time.  I
think this worked post update and then stopped, but I'm not really sure.


FWIW, I've seen the same a few days ago, also on netbsd-5.

I have a netbsd-5 machine talking to a NetBSD 4.0.1 one, and the latterworkes fine, the former gives the above-mentioned error.


I've also tried to replace the netbsd-5 racoon, with varying results:
 * putting a ipsec-tools-0.7.1 compiled for 4.0.1 on the netbsd-5
   machine scores the same error
 * taking the racoon (and shared libs, and setkey) from the 4.0.1
   base system, things got further.

Not sure what the state of netbsd-5's racoon really is...
please keep me posted.


 - Hubert

Follow-Ups:
- Re: racoon lossage with netbsd-5
  - From: Hubert Feyrer
- Re: racoon lossage with netbsd-5
  - From: Michael van Elst

References:
- racoon lossage with netbsd-5
  - From: Greg Troxel

Prev by Date: Re: Gumstix verdex support
Next by Date: Re: racoon lossage with netbsd-5
Previous by Thread: racoon lossage with netbsd-5
Next by Thread: Re: racoon lossage with netbsd-5
Indexes:

Home | Main Index | Thread Index | Old Index