[IPSec] connect: Resource temporarily unavailable

From: Felipe Alfaro Solana
Date: Tue Feb 24 2004 - 08:51:28 EST

Next message: Corey Minyard: "[PATCH] IPMI driver updates, part 1b"
Previous message: Juergen Moll: "Problem with kernel 2.6.2"
Next in thread: David S. Miller: "Re: [IPSec] connect: Resource temporarily unavailable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

When using Racoon to manage SAs between two IPv4/IPSec hosts running 2.6
kernels and IPSec in transport mode with mandatory ESP/AH support, the
first packet exchange between both hosts triggers IKE Phase 1 but,
instead of queueing the userspace packet that triggered the IKE exchange
until IKE Phase 2 has ended and the SA has been established, userspace
receives the following errpr:

connect: Resource temporarily unavailable

Any further attempt to exchange packets between both hosts succeeds
after a while, (once the IKE Phase 2 ends and the SA has been correctly
established).

Is this a bug? Shouldn't the kernel queue (hold) userspace packets until
IKE Phase 2 has completed (either successfully or with error)? Why am I
receiving "connect: Resource temporarily unavailable" error when there
is no SA set up?

This is reproducible by either pinging or telnetting the other peer or
the IPSec link. Both hosts are running 2.6.3 kernels and ipsec-tools
0.2.2. Once IKE Phase 2 ends, ping and telnet work with no error and
tcpdump reveals that AH/ESP protocols are being used.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Corey Minyard: "[PATCH] IPMI driver updates, part 1b"
Previous message: Juergen Moll: "Problem with kernel 2.6.2"
Next in thread: David S. Miller: "Re: [IPSec] connect: Resource temporarily unavailable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]