Hi!
After an upgrade from 2.6.9 to 2.6.10 my IPSEC tunnel does not work as usual. My computer and the VPN-gateway can negotiate and build a tunnel and packets can use the tunnel. But then packets which must be routed get lost somewhere inside the kernel. tcpdump shows them first encrypted in ESP packets and then the unencrypted payload on the same interface. But they do not leave the kernel on the destination interface. Only packets with my computer as destination are processed. I did not change my IPSEC configuration and the kernel was configured using "make oldconfig".
Is there a problem in the routing layer somewhere inside the kernel or an internal change which requires a configuration change on my side? How can I determine, where and why the packets inside the kernel are thrown away?
To verify the problem I build a 2.6.10 kernel on the VPN gateway. And this kernel seems to have the same problem. Previously encrypted packets are not routed to th destination.
Downgrading to 2.6.9 solved the problem in both cases...
Regards,
Jörg
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/