|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
Re: linux-ipsec: More questions
Date: Fri Nov 27 1998 - 13:00:47 EST
> (Because SUSE has a somewhat different filesystem structure, the
Looks can be deceiving...
> ... "look" shows the following:
It sounds like "setup" did *not* in fact work correctly -- the ipsec0 interface has not been connected to eth0 properly. To confirm this, either "cat /proc/net/ipsec_tncfg" or "ipsec barf".
Note that ipsec_look is intended for situations where things are going well -- ipsec_barf is the weapon of choice for difficulties. Notably, if you are going to ask for help, please send ipsec_barf output, *not* ipsec_look output. Yes, it's bulky, but it goes to some lengths to capture everything that might be relevant in troubleshooting, and ipsec_look does not.
> Further, I wonder why packets in the one direction are of proto 51
That one's definitely weird, especially since the SAs would appear to be set up correctly.
> Btw: The terms "left" and "right" are really not very well chosen.
The whole point of using "left" and "right" is that they do *not* differ from machine to machine. That's the main motive, not a side effect; changing to "local" and "remote" would defeat the objective, which is to make it possible to use identical control files on both ends. For that, the terms *have* to describe the network in an absolute way, not relative to one particular host. Possibly "left" and "right" are not the best; I considered several other possibilities but didn't find any I liked. If anyone has specific suggestions on better ones, I'd be interested.
Henry Spencer
henry@spsystems.net
(henry@zoo.toronto.edu)
Received on Fri Nov 27 13:30:26 1998This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:59:08 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |