Hello...

Running 1.5_ALPHA on i386; I have an IPsec tunnel to a remote host, and I run periodic pings to see if it's up; Every once in a while I get this error:

ping: sendto: No route to host
ping: sendto: No route to host
ping: sendto: No route to host
ping: sendto: No route to host
ping: sendto: No route to host

Tcpdump shows a lot of these:

09:04:16.109522 arp who-has xxxxxxx.qwestdsl.net tell xxxxxxxx.xxxxxx.com
09:04:16.110154 arp reply xxxxxxx.qwestdsl.net is-at 0:b0:c2:88:23:bd

(xxxxxxx.questdsl.net is the remote machine)

And a corresponding entry in /var/log/messages:

Jul 27 07:03:22 lava-int /netbsd: arplookup: unable to enter address for xx.xxx.xxx.xxx (host is not on local network)
Jul 27 07:04:12 lava-int last message repeated 10 times
Jul 27 07:05:02 lava-int last message repeated 10 times

While this is happening, I can try and ping the router (my box is connected to a Cisco 1720 via crossover to the internet) and I get "host is down" messages.

I'll watch tcpdump, and eventually my box will rearp for my gateway's ethernet address (the 1720); Then everything works (i.e. I can ping my gateway, and the remote host, and of course, the tunnel works again), until, of course, things break again.

Any suggestions? Should I set the subnetsarelocal sysctl, am I totally off here?

Thanks,

Chris

-- 
Christopher Kyin-hwa Chen <cchen@nougat.org>
<http://www.nougat.org/~cchen/>
To envision the joy, at 6am, of pulling thousands of spam emails out
of a clogged mail queue, imagine pulling a cat out of a toilet.