[Bug 216681] IPsec traceroute6 -I does not work

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=216681

            Bug ID: 216681
           Summary: IPsec traceroute6 -I does not work
           Product: Base System
           Version: 11.0-RELEASE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: jasonmader at gmail.com
                CC: freebsd-amd64 at FreeBSD.org
                CC: freebsd-amd64 at FreeBSD.org

It appears the IPsec policy,

spdadd -n 2620:10e:6024:a0::b1 2620:10e:6026:d0::/64 icmp6 -P out ipsec
ah/transport//use;

doesn't set the AH with traceroute6 -I. ping6 to the same host does. e.g.

traceroute6 -I

14:55:30.524981 IP6 2620:10e:6024:a0::b1 > 2620:10e:6026:d0::5e40: ICMP6, echo
request, seq 5, length 16

ping6

15:03:40.086329 IP6 2620:10e:6024:a0::b1 > 2620:10e:6026:d0::5e40:
AH(spi=0xa05e4001,seq=0x211): ICMP6, echo request, seq 0, length 16

-- 
You are receiving this mail because:
You are on the CC list for the bug.