Hosting Provided By

RE: linux-ipsec: Latest IPsec and connecting two IP networks.... :-(

From: Henry Spencer <henry(at)spsystems.net>
Date: Tue Sep 01 1998 - 22:31:48 EDT

> Is there any reason why the Aug30 IPsec would be "crashing" the

Nope, that's a new one on us.

>I found the bug mentioned below BTW. :-)

It turns out that the AH+ESP bug is a real weirdie: it looks like if you have full logging (Klips and Pluto) turned on, on an old slow machine, *and* you're running both AH and ESP, the volume of logging congests the kernel so badly that (a) kernel logging just chokes and dies, and (b) network packets get lost. We haven't fully investigated it yet, but it doesn't seem to be specifically an IPSEC bug; apparently the combination of AH and ESP just bloats the logging to the point of pushing it over the edge. With the logs turned off, it works.

                                                          Henry Spencer
                                                       henry@spsystems.net
                                                     (henry@zoo.toronto.edu)

Received on Tue Sep 1 23:23:37 1998

This message: [ Message body ]
Next message: David Sainty: "Re: linux-ipsec: Latest IPsec and connecting two IP networks.... :-("
In reply to David Sainty: "RE: linux-ipsec: Latest IPsec and connecting two IP networks.... :-("
Next in thread: David Sainty: "Re: linux-ipsec: Latest IPsec and connecting two IP networks.... :-("
Reply: David Sainty: "Re: linux-ipsec: Latest IPsec and connecting two IP networks.... :-("

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:59:26 EDT