Re: Issue on netconsole vs. Linux kernel oops

[Matt Mackall]

On Fri, Dec 17, 2004 at 04:12:20AM -0800, Park Lee wrote:
> On Thu, 16 Dec 2004 at 10:55, Matt Mackall wrote:
> >
> > On Thu, Dec 16, 2004 at 10:48:27AM -0800, Park Lee 
> > wrote:
> > > Hi,
> > > I'd like to use netconsole to send local Linux
> > > kernel's final messages (i.e. oops) to remote 
> > > machine when the kernel crashes. 
> > > Now I can successfully use a built-in netconsole 
> > > to send some loacl kernel messages to the remote 
> > > machine.(the parameter I send to local kernel on 
> > > kernel command line is 
> > > "netconsole=@xxxxxxxxxxx/,514@xxxxxxxxxxx/", I run
> > > syslogd in remote machine). For example, When the
> > > local kernel is booting, it will send a message
> > > "192.168.0.2 audit(1103247021.091:0): 
> > > initialized" to remote machine through 
> > > netconsole, and the syslogd on remote machine 
> > > will write the message to /var/log/messages on 
> > > remote machine.
> > >  What CONFUSE me most is that when the kernel
> > > crashes, there is NO message (oops) about the 
> > > crash being wrote down by syslogd on remote 
> > > machine to remote /var/log/messages file at all!! 
> > >   But in the mean time, We can see the outputs of
> > > tcpdump on the remote machine, they are some thing
> > > like the following:
> > >
> > >01:36:56.692877 IP 192.168.0.2.6665 >
> > >192.168.0.1.syslog: UDP, length 48
> > >01:36:56.692930 IP 192.168.0.2.6665 >
> > >192.168.0.1.syslog: UDP, length 29
> > >01:36:56.692982 IP 192.168.0.2.6665 >
> > >192.168.0.1.syslog: UDP, length 15
> > >01:36:56.693034 IP 192.168.0.2.6665 >
> > >192.168.0.1.syslog: UDP, length 9
> > >01:36:56.693086 IP 192.168.0.2.6665 >
> > >192.168.0.1.syslog: UDP, length 16
> > >01:36:56.693121 IP 192.168.0.2.6665 >
> > >192.168.0.1.syslog: UDP, length 16
> > >   ... ...
> > > From these messages, we can see that the 
> > > netconsole actually have sent the final messages 
> > > (oops) to remote machine when the local kernel 
> > > crashed. But there are no corresponding messages 
> > > recorded by syslogd on remote machine 
> > > to /var/log/messages.
> >
> > From your description, it sounds like syslogd is at 
> > fault. Try using netcat on the remote machine.
> 
>   Today, I have a try using netcat. But I found that
> the problem still exist!
>   By accident, I found that this problem is related to
> native IPsec that runs between my local machine and
> the remote machine. 
>   I'm using IPsec-Tools ( which including racoon,
> setkey) as the user-space tools for the native IPsec
> of linux kernel. Only if I run the command "setkey -f
> /etc/ipsec.conf" on the remote machine, the syslogd
> (or netcat) running on the remote machine will unable
> to record the messages that have been reached the
> remote machine. If I'm not run this command on remote
> machine, the syslogd/netcat will be able to record the
> arrived messages. (the /etc/ipsec.conf on the remote
> machine is shown in the end.)
>   Then, CAN'T netconsole be used in the IPsec
> environment (with IPsec-Tools)? How can we solve this
> problem?

Netconsole builds very simple IPv4 packets by hand without the use of
the rest of the IP stack. This is how it continues to work when the
system is crashing. So it will never be able to build IPSEC packets.
Nor is it likely to do IPv6 any time soon.

You can probably get it to work by using a different IP address for
netconsole than you use for IPSEC, and set up the receiving end to
recognize packets from that address as normal unencrypted IPv4.
-- 
Mathematics is the supreme nostalgia of our time.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/