Re: ipsec with link local

To: 6bone%6bone.informatik.uni-leipzig.de@localhost
Subject: Re: ipsec with link local
From: Hubert Feyrer <hubert%feyrer.de@localhost>
Date: Tue, 30 Mar 2010 00:31:31 +0200 (CEST)

On Sat, 27 Mar 2010, 6bone%6bone.informatik.uni-leipzig.de@localhost wrote:

-A hmac-md5 0xdf84cd88405b8faed89031e4118e6cf6;
add -6 fe80::20a:e4ff:fe84:5100%bge0 fe80::214:22ff:fe1d:8b41%bge0 ah 0x200-A hmac-md5 0xdf84cd88405b8faed89031e4118e6cf6;
spdadd -6 fe80::/10 fe80::/10 ospfigp -P in ipsec ah/transport//require;
spdadd -6 fe80::/10 fe80::/10 ospfigp -P out ipsec ah/transport//require;

Just a wild guess: add qualification of the interface to the address inspdadd ("fe80::/10%bge0")?

Also, can you try a different network card? I've seen (few, but still) NICdrivers that don't get multicasting right, and as a result v6 doesn't workproperly. That's not related to IPsec then, though.

As last resort, see if you can use non-link-local addresses.


 - Hubert

References:
- ipsec with link local
  - From: 6bone

Prev by Date: Build failure - port amd64 - if_i3331394subr.o
Next by Date: daily CVS update output
Previous by Thread: ipsec with link local
Next by Thread: daily CVS update output
Indexes:

Home | Main Index | Thread Index | Old Index