Gnome42 wrote:
> It is working in 2.6.18-rc6-mm1. I thought it was the compile option
> 'optimize for size' that was causing a miscompilation because when I
> compiled -rc6-mm1 I turned that option off and it suddenly started
> working. But, then I recompiled -rc5-mm1 with that option off and it
>
Hi Patrick,
It is working in 2.6.18-rc6-mm1. I thought it was the compile option
'optimize for size' that was causing a miscompilation because when I
compiled -rc6-mm1 I turned that option off and it suddenly started
working. But, then I recompiled -rc5-mm1 with that option off and it
still didn'
On 9/9/06, Patrick McHardy <[EMAIL PROTECTED]> wrote:
> src 34.34.36.1 dst 34.34.36.6
>proto esp spi 0x0dc3aba4(230927268) reqid 0(0x) mode tunnel
>replay-window 4 seq 0x991250886 flag (0x)
>auth md5 0xfea9e3e8d324265d8b7e17ec42d69b15 (128 bits)
>
Gnome42 wrote:
> src 34.34.36.1 dst 34.34.36.6
>proto esp spi 0x0dc3aba4(230927268) reqid 0(0x) mode tunnel
>replay-window 4 seq 0x0001 flag (0x)
>auth hmac(md5) 0xfea9e3e8d324265d8b7e17ec42d69b15 (128 bits)
>enc cbc(aes) 0x21ca0a9677ff0225acd0d3
On 9/9/06, Patrick McHardy <[EMAIL PROTECTED]> wrote:
Yes, I meant the SAs. But please use "ip -s xfrm state" and "ip -s xfrm
policy" (on both sides), they include a bit more information than
setkey.
Workstation running 2.6.18-rc5-mm1 is the initiator, and responder is
2.6.17-rc6-mm1. This is
Gnome42 Gnome42 wrote:
> On 9/8/06, Patrick McHardy <[EMAIL PROTECTED]> wrote:
>>
>> Can you see the decrypted packets on the incoming interface on the
>> other side?
>
>
> No, not the decrypted ones only the encrypted ones. I never see the
> decrypted packets. ( I should see them twice right? On
On 9/8/06, Patrick McHardy <[EMAIL PROTECTED]> wrote:
Gnome42 Gnome42 wrote:
Can you see the decrypted packets on the incoming interface on the
other side?
No, not the decrypted ones only the encrypted ones. I never see the
decrypted packets. ( I should see them twice right? Once encrypted a
Gnome42 Gnome42 wrote:
> IPSec got broken in 2.6.18-rc4-mm3+, 2.6.18-rc4-mm2 works and
> 2.6.18-rc5 also works.
>
> The tunnel looks like its established correctly in the racoon logs and
> the traffic is encrypted on the wire. However, the other side does not
> decrypt the traffic it just seems to
Hi Folks,
(please CC me ...)
IPSec got broken in 2.6.18-rc4-mm3+, 2.6.18-rc4-mm2 works and
2.6.18-rc5 also works.
The tunnel looks like its established correctly in the racoon logs and
the traffic is encrypted on the wire. However, the other side does not
decrypt the traffic it just seems to di
