Re: Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode

To:	akpm@xxxxxxxx (Andrew Morton), au@xxxxxxxxxxxxxxxxx
Subject:	Re: Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add)
From:	Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date:	Mon, 31 Jan 2005 21:54:33 +1100
Cc:	netdev@xxxxxxxxxxx
In-reply-to:	<20050130224404.5f78d28a.akpm@xxxxxxxx>
Organization:	Core
Sender:	netdev-bounce@xxxxxxxxxxx
User-agent:	tin/1.7.4-20040225 ("Benbecula") (UNIX) (Linux/2.4.27-hx-1-686-smp (i686))

Andrew Morton <akpm@xxxxxxxx> wrote:
>  
> the SAD entries for ah and esp have the same km.seq!   

Sounds like a racoon bug.  The kernel will assign different
sequence numbers to the two SAs.  It will also send SADB_ACQUIRE
messages to racoon with those sequence numbers.  So if racoon is
sending two SADB_ADD commands with the same sequence number back
then it's broken.

Could you get a dump of the messages that racoon has received
and sent? That should tell us exactly what's happening.

> Workaround:  
> I comment the if (x->km.seq) { ... } out. than it works vor me. but I know  
> thats not a solution. 

Well without the check we would have silently ignored the sequence
number which is why you wouldn't have noticed the problem with racoon
before.

However, for those who need to use the sequence number this check is
necessary.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

<Prev in Thread]	Current Thread	[Next in Thread>
Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), Andrew Morton Re: Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), Herbert Xu <= Re: Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), Andreas Unterluggauer Re: Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), Andreas Unterluggauer Re: Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), Herbert Xu Re: Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), David S. Miller Re: Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), Herbert Xu Re: Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), David S. Miller

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: [patch 2/2] ipvs deadlock fix, Horms
Next by Date:	ethernet cache question, cranium 2003
Previous by Thread:	Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), Andrew Morton
Next by Thread:	Re: Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), Andreas Unterluggauer
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: [patch 2/2] ipvs deadlock fix, Horms

Next by Date:

ethernet cache question, cranium 2003

Previous by Thread:

Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), Andrew Morton

Next by Thread:

Re: Fw: [Bugme-new] [Bug 4138] New: ipsec with racoon in transport mode with esp and ah hangs (problem is in xfrm_state_add), Andreas Unterluggauer

Indexes:

[Date] [Thread] [Top] [All Lists]