Racoon and setkey problems
Misak Khachatryan
kmisak at gmail.com
Mon Feb 26 12:53:57 UTC 2018
Hi Andrey,
thanks for the patch! Is it safe to use it on 10.3?
Best regards,
Misak Khachatryan
On Mon, Feb 26, 2018 at 4:39 PM, Andrey V. Elsukov <bu7cher at yandex.ru> wrote:
> On 22.02.2018 22:12, Misak Khachatryan wrote:
>>>> kernel`key_sendup0+0xee
>>>> kernel`key_sendup_mbuf+0x1e6
>>>> kernel`key_parse+0x87f
>>>>
>>>
>>> Then probably this output will be changed.
>
> I think the problem is that there are several PF_KEY sockets present,
> but some socket has overfilled its buffers. key_sendup_mbuf() function
> tries to send data to all sockets and fails on this mentioned socket.
>
> If you can, please, try the attached patch. It changes the behavior to
> always try to send data to all sockets and ignore some possible errors
> on intermediate sockets. I think with this patch you will be able to
> clear SAs with `setkey -F` command.
>
> You need to rebuild and reinstall the kernel. The patch is for stable/10.
>
> --
> WBR, Andrey V. Elsukov
More information about the freebsd-net
mailing list