Hosting Provided By

linux-ipsec: A FreeS/WAN crash

From: Hugh Daniel <hugh(at)road.toad.com>
Date: Thu Nov 12 1998 - 09:06:40 EST

I just crashed west doing a simple IPSEC VPN test with pings as the traffic. Below are logs from my xterms on west and a tcpdump from yet another machine.
West just stopped, not totaly deal (normal pings worked, I could change consoles but not login).

Great, I rebooted west and now the connection is totaly dead as it was only being started at east's end and that end has given up. Ug. The current system only works if BOTH machines try to start the SA, right?

I am going to go install a 1998nov06 on west before testing more. Later folks.

		||ugh Daniel
		hugh@toad.com

			Systems Testing & Project mis-Management
			The Linux FreeS/WAN Project
			
http://www.xs4all.nl/~freeswan


Nov 12 05:44:52 west Pluto[6906]: responding to Main Mode, state #1295, connection "ew"
Nov 12 05:44:58 west Pluto[6906]: IPsec SA #1281 expired for 209.157.90.145
Nov 12 05:44:58 west Pluto[6906]: deleting state #1281
Nov 12 05:45:18 west Pluto[6906]: responding to Quick Mode, state #1296, connection "ew"
Nov 12 05:45:22 west Pluto[6906]: IPsec SA #1282 expired for 209.157.90.145
Nov 12 05:45:24 west Pluto[6906]: deleting state #1282
Nov 12 05:45:27 west Pluto[6906]: IPsec SA #1283 expired for 209.157.90.145
Nov 12 05:45:28 west Pluto[6906]: deleting state #1283
Nov 12 05:45:35 west Pluto[6906]: ISAKMP SA #1280 expired for 209.157.90.145
Nov 12 05:45:36 west Pluto[6906]: deleting state #1280
Nov 12 05:45:42 west Pluto[6906]: IPsec SA #1284 expired for 209.157.90.145
Nov 12 05:45:43 west Pluto[6906]: deleting state #1284
Nov 12 05:45:59 west Pluto[6906]: responding to Quick Mode, state #1297, connection "ew"
Nov 12 05:46:00 west Pluto[6906]: IPsec SA #1286 expired for 209.157.90.145
Nov 12 05:46:02 west Pluto[6906]: deleting state #1286
Nov 12 05:46:04 west Pluto[6906]: IPsec SA #1287 expired for 209.157.90.145
Nov 12 05:46:06 west Pluto[6906]: deleting state #1287
Nov 12 05:46:09 west Pluto[6906]: byte 2 of ISAKMP Generic Payload must be zero, but is not
Nov 12 05:46:10 west Pluto[6906]: malformed payload in packet from 209.157.90.145, port 500
Nov 12 05:46:12 west Pluto[6906]: IPsec SA #1288 expired for 209.157.90.145
Nov 12 05:46:13 west Pluto[6906]: deleting state #1288
Nov 12 05:46:18 west Pluto[6906]: next payload type of ISAKMP Generic Payload has an unknown value: 181
Nov 12 05:46:20 west Pluto[6906]: malformed payload in packet from 209.157.90.145, port 500
Do you need help? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related lists.freeswan.org Links
1998-fall
1998-spring
1998-summer
1998-winter
1999-winter
announce
briefs
bugs
design
freeswan-list
hipsec
ietf-sectest
users
users-admin
Request more information about Pantek
Nov 12 05:46:22 west Pluto[6906]: IPsec SA #1289 expired for 209.157.90.145
Nov 12 05:46:23 west Pluto[6906]: deleting state #1289
Nov 12 05:46:26 west Pluto[6906]: ISAKMP SA #1285 expired for 209.157.90.145
Nov 12 05:46:27 west Pluto[6906]: deleting state #1285

Nov 12 05:46:33 west Pluto[6906]: next payload type of ISAKMP Generic Payload has an unknown value: 94 Nov 12 05:46:42 west Pluto[6906]: malformed payload in packet from 209.157.90.145, port 500 (here the machine crashes)

Somewhere in this tcpdump output is the crash

05:44:56.854387 east.toad.com.500 > west.toad.com.500: udp 292
05:44:57.931591 west.toad.com.500 > east.toad.com.500: udp 180
05:44:58.036907 east.toad.com.500 > west.toad.com.500: udp 68
05:45:15.683012 arp who-has 209.157.90.150 tell west.toad.com
05:45:15.683053 arp reply 209.157.90.150 is-at 0:40:5:a1:e8:1d
05:45:20.821946 west.toad.com.500 > east.toad.com.500: udp 292
05:45:20.922966 east.toad.com.500 > west.toad.com.500: udp 52
05:45:26.007355 east.toad.com.500 > west.toad.com.500: udp 292
05:45:28.011177 east.toad.com.500 > west.toad.com.500: udp 68
05:45:33.956139 west.toad.com.500 > east.toad.com.500: udp 68
05:45:44.571431 arp who-has east.toad.com tell 209.157.90.150
05:45:44.571505 arp reply east.toad.com is-at 0:a0:24:d8:51:2f
05:45:55.981740 east.toad.com.500 > west.toad.com.500: udp 292
05:45:59.727369 west.toad.com.500 > east.toad.com.500: udp 292
05:45:59.832514 east.toad.com.500 > west.toad.com.500: udp 52
05:46:04.917825 east.toad.com.500 > west.toad.com.500: udp 292
05:46:16.111346 syzygy.com.ntp > east-sec.toad.com.ntp: v3 client strat 3 poll 10 prec -14
05:46:16.111490 east-sec.toad.com > syzygy.com: icmp: east-sec.toad.com udp port ntp unreachable [tos 0xc0]
05:46:19.947337 east.toad.com.500 > west.toad.com.500: udp 176
05:46:34.962481 east.toad.com.500 > west.toad.com.500: udp 292
05:46:49.982745 east.toad.com.500 > west.toad.com.500: udp 176
05:47:04.993044 east.toad.com.500 > west.toad.com.500: udp 292
Do you need more help? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related lists.freeswan.org Links
1998-fall
1998-spring
1998-summer
1998-winter
1999-winter
announce
briefs
bugs
design
freeswan-list
hipsec
ietf-sectest
users
users-admin
Request more information about Pantek
05:47:20.013325 east.toad.com.500 > west.toad.com.500: udp 176
05:47:35.100889 east.toad.com.500 > west.toad.com.500: udp 292
05:47:40.442813 west.toad.com.500 > east.toad.com.500: udp 292
05:47:50.459379 east.toad.com.500 > west.toad.com.500: udp 176
05:48:05.474214 east.toad.com.500 > west.toad.com.500: udp 292
05:48:15.688941 arp who-has east.toad.com tell west.toad.com
05:48:15.689024 arp reply east.toad.com is-at 0:a0:24:d8:51:2f
05:48:20.494379 east.toad.com.500 > west.toad.com.500: udp 176
05:48:35.504357 east.toad.com.500 > west.toad.com.500: udp 292
05:48:50.524387 east.toad.com.500 > west.toad.com.500: udp 176
05:49:05.611734 east.toad.com.500 > west.toad.com.500: udp 292
05:49:15.633604 mail1.toronto.istar.net.domain > east-sec.toad.com.domain: 21752 (39) (DF)
05:49:15.635109 east-sec.toad.com.domain > mail1.toronto.istar.net.domain: 21752 0/12/12 (455)
05:49:21.711848 sunrise.toad.com > sunset.toad.com: icmp: echo request
05:49:21.711903 sunrise.toad.com > sunset.toad.com: icmp: echo request
05:49:21.766330 sunrise.toad.com > sunset.toad.com: icmp: echo request
05:49:21.766361 sunrise.toad.com > sunset.toad.com: icmp: echo request
05:49:21.784655 sunrise.toad.com > sunset.toad.com: icmp: echo request
05:49:21.784694 sunrise.toad.com > sunset.toad.com: icmp: echo request
05:49:21.801825 sunrise.toad.com > sunset.toad.com: icmp: echo request
05:49:21.801892 sunrise.toad.com > sunset.toad.com: icmp: echo request
05:49:21.821841 sunrise.toad.com > sunset.toad.com: icmp: echo request
05:49:21.821878 sunrise.toad.com > sunset.toad.com: icmp: echo request

Received on Thu Nov 12 13:03:36 1998

This message: [ Message body ]
Next message: Hugh Daniel: "linux-ipsec: More fun with Pluto"
Previous message: Richard Guy Briggs: "linux-ipsec: standards mapping"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:59:06 EDT