[Bug 228108] if_ipsec drops all the icmp v4&v6 error messages

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Thu Aug 9 20:43:26 UTC 2018


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228108

--- Comment #14 from Andrey V. Elsukov <ae at FreeBSD.org> ---
(In reply to dpd from comment #13)
> I showed over here:
> https://lists.freebsd.org/pipermail/freebsd-net/2018-August/051301.html
> 
> That it seems to work with this line removed.
> 
> Attached is the shell transcript of my current observation.  The tunnel
> seems up, but no traffic is getting passed.

You need to look at the output of `setkey -D`, `setkey -DP`, `netstat -sp esp`,
and `tcpdump -ni` on the network interface and check what is actually going on.
The provided information is not enough for debugging. As I said, this looks more
like a problem with racoon, duplicate SAs, SPs or something like this. For
example, in the log you have two SAs with different SPIs for the same direction.
Before starting racoon, make sure that you have cleaned up from the previous run
on both sides.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
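
An added example, not part of the original message or of FreeBSD itself: a small sh/awk filter that reads `setkey -D` output and reports every direction holding more than one mature SA, the condition the comment above points at. The sample SAD text is constructed and abridged (key and lifetime lines omitted), and `dup_sas` and `sample_sad` are hypothetical names.

```shell
#!/bin/sh
# Report (src -> dst, proto) pairs that have more than one mature SA.
# Input: `setkey -D` output on stdin. Output: one line per duplicate, sorted.
dup_sas() {
    awk '
        # Unindented line: the "src dst" header that opens an SA entry.
        substr($0, 1, 1) !~ /[ \t]/ && NF >= 2 { src = $1; dst = $2; next }
        {
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^spi=/) {          # e.g. spi=16(0x00000010)
                    proto = $1
                    spi = $i
                    sub(/^.*\(/, "", spi); sub(/\)$/, "", spi)
                }
                if ($i ~ /^state=/ && substr($i, 7) == "mature") {
                    k = src " -> " dst " " proto
                    n[k]++
                    list[k] = (n[k] > 1 ? list[k] "," : "") spi
                }
            }
        }
        END {
            for (k in n)
                if (n[k] > 1)
                    print k ": " n[k] " mature SAs, SPIs " list[k]
        }
    ' | sort
}

# Constructed, abridged sample: two outbound SAs left over for one direction.
sample_sad() {
    cat <<'EOF'
192.0.2.1 198.51.100.1
    esp mode=tunnel spi=16(0x00000010) reqid=0(0x00000000)
    seq=0x00000000 replay=4 flags=0x00000000 state=mature
192.0.2.1 198.51.100.1
    esp mode=tunnel spi=32(0x00000020) reqid=0(0x00000000)
    seq=0x00000000 replay=4 flags=0x00000000 state=mature
198.51.100.1 192.0.2.1
    esp mode=tunnel spi=48(0x00000030) reqid=0(0x00000000)
    seq=0x00000000 replay=4 flags=0x00000000 state=mature
EOF
}

# On a live host, run as root: setkey -D | dup_sas
sample_sad | dup_sas
```

Two SAs for one direction can coexist briefly while a rekey is in progress, so a hit matters when it persists or appears right after racoon has been restarted.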