Fix for the NAT-T ABI change

To: tech-net%NetBSD.org@localhost
Subject: Fix for the NAT-T ABI change
From: "S.P.Zeidler" <spz%serpens.de@localhost>
Date: Sat, 28 Aug 2010 14:30:09 +0200

Dear all,

please review and test the patch at
http://www.netbsd.org/~spz/ipsec-natt-abi-fix.diff

The patch leans on vanhus patch for FreeBSD, but differs.

IPSEC + IPSEC-NAT-T: tested to work when not using NAT-T
(I use IPSEC but I have no counterpoint to test NAT-T against at present)

FAST_IPSEC + IPSEC-NAT-T: does not seem to work less than without the patch
IPv4 seems to work.
IPv6: I can ping6 my tunnel gateway, but nothing beyond it. It seems
to try to open a ipsec conversation to the target itself instead of
tunnelling, which is Not Allowed (and not expected).
Starting firefox (with or without the NAT-T patch) gets me a panic with
ensuing panic of ddb (with the NAT-T patch it's LOCKDEBUG, not convinced
that that is resembling the reason). I'll test FAST_IPSEC some more later.

regards,
        spz
-- 
spz%serpens.de@localhost (S.P.Zeidler)

Follow-Ups:
- Re: Fix for the NAT-T ABI change
  - From: Christos Zoulas

Prev by Date: Re: [Greg Troxel] Dell R610 lockups?
Next by Date: Re: Fix for the NAT-T ABI change
Previous by Thread: [Greg Troxel] Dell R610 lockups?
Next by Thread: Re: Fix for the NAT-T ABI change
Indexes:

Home | Main Index | Thread Index | Old Index