[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Fix for the NAT-T ABI change
In article <20100828123007.GA22512%serpens.de@localhost>,
S.P.Zeidler <spz%serpens.de@localhost> wrote:
>please review and test the patch at
>The patch leans on vanhus patch for FreeBSD, but differs.
>IPSEC + IPSEC-NAT-T: tested to work when not using NAT-T
>(I use IPSEC but I have no counterpoint to test NAT-T against at present)
>FAST_IPSEC + IPSEC-NAT-T: does not seem to work less than without the patch
>IPv4 seems to work.
>IPv6: I can ping6 my tunnel gateway, but nothing beyond it. It seems
>to try to open a ipsec conversation to the target itself instead of
>tunnelling, which is Not Allowed (and not expected).
>Starting firefox (with or without the NAT-T patch) gets me a panic with
>ensuing panic of ddb (with the NAT-T patch it's LOCKDEBUG, not convinced
>that that is resembling the reason). I'll test FAST_IPSEC some more later.
Thanks Petra. I just wished the IPSEC folks were more considerate when
making such changes :-( It is really unfortunate that this has been broken
for so long.
Main Index |
Thread Index |