|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
Re: linux-ipsec: Annoying problem with Pluto
Date: Thu May 21 1998 - 21:33:06 EDT
| From: Hugh Daniel <hugh@road.toad.com>
Thanks for the bug report.
| The short form of this is that I was trying out the freeswan-0.8
I don't think that you gave me a transcript of *all* the runs. This would have been useful since it is only the combination that fails.
The errno from the kernel doesn't convey much information about what went wrong. I was buffaloed about what the problem could be, but I now have a theory.
Pluto picks SPIs starting at 0x000000100 (in network order) and increments them by one each time (as if the SPI were in host order, but it isn't -- weird, but unimportant).
When you start a fresh copy of Pluto, it starts with 0x00000100 for the next SPI. Unfortunately, the kernel is not fresh, so it still thinks that SPI (and it's successors) are still in use. I think that the kernel is complaining about this.
Supporting evidence: egrep -ni SPI from Hugh Daniel's message yields
the following, after irrelevancies are removed:
469:IPsec SPI sent: 00 00 01 00
612:IPsec SPI accepted 00 00 01 00
1082:IPsec SPI accepted 00 00 01 00
Hugh Daniel: could you run your tests again without restarting Pluto?
Richard: is there a way in which we (you) can make the errno values more descriptive?
SPIs are generated by Pluto, not the kernel, and fresh copies of Pluto start generating the same SPI values. This will confuse and annoy a Kernel when a second Pluto is run: the SPIs will be recycled illegally.
Hugh Redelmeier
hugh@mimosa.com voice: +1 416 482-8253
Received on Thu May 21 22:09:24 1998
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:59:12 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |