Re: ipsec on kernel 2.6.0-test9

From: Marco Berizzi
Date: Thu Nov 20 2003 - 10:41:35 EST


Me again.
I have downloaded kame-snap kit from
ftp://ftp.kame.net/pub/kame/snap/kame-20031117-freebsd49-snap.tgz ,
untarred and kame/IMPLEMENTATION report this:

...
- Tunnel mode IPComp is not working right. KAME box can generate
tunnelled
IPComp packet, however, cannot accept tunneled IPComp packet.
...

Is this the problem?

Marco Berizzi wrote:


> Hello everybody.
> I'm playing with ipsec on linux 2.6.0-test9 + ipsec-tools-0.2.2
> I would like to implement a simple esp-tunnel with ipcomp. This is my
> setkey init file:
>
> /usr/local/sbin/setkey -c <<EOF
> flush;
> spdflush;
> spdadd 10.1.2.0/24 10.1.1.0/24 any -P in ipsec
> ipcomp/tunnel/172.16.1.247-172.16.1.226/require
> esp/tunnel/172.16.1.247-172.16.1.226/require;
>
> spdadd 10.1.1.0/24 10.1.2.0/24 any -P out ipsec
> ipcomp/tunnel/172.16.1.226-172.16.1.247/require
> esp/tunnel/172.16.1.226-172.16.1.247/require;
> EOF
...
> Am I doing something wrong? Without ipcomp things are working good.
> My env: Slackware 9.1 gcc 3.2.3 kernel 2.6.0-test9 glibc 2.3.2
> ipsec-tools-0.2.2 (Cocorita=172.16.1.247 K2=172.16.1.226 connected by
> two 3C905 100Mbit/s)
> Any feedback are welcome.
> TIA.
>
> PS: Please cc me. I'm not subscribed to the list
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/