From owner-freebsd-questions@FreeBSD.ORG Sat Nov 6 19:55:21 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 152E816A4CE for ; Sat, 6 Nov 2004 19:55:21 +0000 (GMT) Received: from sxm.trinetworks.com (sxm.trinetworks.com [64.73.235.150]) by mx1.FreeBSD.org (Postfix) with ESMTP id E72A243D49 for ; Sat, 6 Nov 2004 19:55:20 +0000 (GMT) (envelope-from freebsd@trinetworks.com) Received: from sxm.trinetworks.com (localhost.trinetworks.com [127.0.0.1]) by sxm.trinetworks.com (8.12.10/8.12.10) with ESMTP id iA6K25Ve006593 for ; Sat, 6 Nov 2004 12:02:05 -0800 (PST) (envelope-from freebsd@trinetworks.com) Received: (from nobody@localhost) by sxm.trinetworks.com (8.12.10/8.12.10/Submit) id iA6K25iR006592; Sat, 6 Nov 2004 12:02:05 -0800 (PST) (envelope-from freebsd@trinetworks.com) X-Authentication-Warning: sxm.trinetworks.com: nobody set sender to freebsd@trinetworks.com using -f Received: from 24-25-209-32.san.rr.com ([24.25.209.32]) (SquirrelMail authenticated user freebsd); by mail.trinetworks.com with HTTP; Sat, 6 Nov 2004 12:02:05 -0800 (PST) Message-ID: <1288.24.25.209.32.1099771325.squirrel@24.25.209.32> Date: Sat, 6 Nov 2004 12:02:05 -0800 (PST) From: freebsd@trinetworks.com To: freebsd-questions@freebsd.org User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Subject: 5.3-RELEASE w/ IPSEC & RACOON X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Nov 2004 19:55:21 -0000 Good Morning! I have a simple tunnel established between two FreeBSD machines. The tunnel is encrypted using IPSEC and Racoon. Prior to 5.3-*, I have never experienced any issues with it. Using the same configuration in 5.3-*, the tunnel is still established and simple traffic can be sent across the tunnel. When a sudden burst of packets is sent through the tunnel, that particular connection completly and permanantly freezes. An example of this is a simple SSH session to another FreeBSD machine where a dmesg is issued. About 5 lines into the dmesg, the connection freezes up. I have read a lot about the MPSAFE/GIANT situation in 5.3-*, and noticed that my kernel warned me that MPSAFE was forced to be disabled due to IPSEC's requirement to be in a GIANT-LOCKED environment. I havn't yet determined that this particular issue is what is causing my problems. When racoon is disabled and IPSEC is removed from the kernel, I do not experience this issue. Does anyone have any ideas or information? Thanks in advance! Matt Lager