Re: Testing racoon

To: Roy Marples <roy%marples.name@localhost>, Christos Zoulas <christos%zoulas.com@localhost>, Maxime Villard <max%m00nbsd.net@localhost>
Subject: Re: Testing racoon
From: Chuck Zmudzinski <frchuckz%gmail.com@localhost>
Date: Thu, 14 Jun 2018 12:20:04 -0400



On 06/13/2018 04:26 PM, Roy Marples wrote:

On 13/06/2018 17:22, Christos Zoulas wrote:
On Jun 13, 11:23am, frchuckz%gmail.com@localhost (Chuck Zmudzinski) wrote:
-- Subject: Re: Testing racoon

Thanks for all the feedback and testing!

| The problem was fixed by a reboot of the whole system, and then racoon
| started normally again.
There might be still an issue with buffer space in current, but weexplicitlybumped the limits for syslogd and kernel sockets. I am not sure whatwent
on here and the ipsec related socket buffers got full.
Looking through our sources for racoon (and assuming racoon2 behavessimilar here), racoon will always set it's own view on how big thereceive buffer should be. See pfkey_set_buffer_size().
So the default socket buffer sizes are not guilty here.

I suspect the error Chuck is seeing was fixed last week by this commit:
https://mail-index.netbsd.org/source-changes/2018/06/06/msg095775.html

Roy

It could have been fixed by that - I was testing a snapshot from acouple of days before that commit.

I am now updated to a snapshot from yesterday and will presume it is fixed.

Thanks,

Chuck

References:
- Re: Testing racoon
  - From: Christos Zoulas
- Re: Testing racoon
  - From: Roy Marples

Prev by Date: Re: Testing racoon
Next by Date: racoon2 IKEv1 is working!
Previous by Thread: Re: Testing racoon
Next by Thread: Maximizing UDP rate
Indexes:

Home | Main Index | Thread Index | Old Index