Date: Tue, 16 Jul 2002 14:41:35 +0900
From: Shoichi Sakane <sakane@kame.net>
To: nick@netdot.net
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Racoon problems with 4.6-STABLE
Message-ID: <20020716144135H.sakane@kame.net>
In-Reply-To: Your message of "Mon, 15 Jul 2002 15:28:08 -0700" <20020715222808.GE14733@netdot.net>
References: <20020715222808.GE14733@netdot.net>

> I'm having problems with racoon since upgrading from 4.5-S to 4.6-S.
>
> I had to kill routed, it was causing the routing table to be updated many
> times per second and flooding my racoon logs. This behavior seems to be
> new after the upgrade.

when racoon is running on a router or ip addresses are static,
you should configure racoon not to get ip addresses dynamically.
that is, use the listen directive.

> A worse problem, however, is that racoon doesn't seem to add all the SAD
> entries it negotiates to the kernel. The result is messages like:
>
> Jul 15 15:22:23 port /kernel: IPv4 AH input: no key association found for spi 207489362

racoon seems busy processing PF_ROUTE messages. i think it will be solved
when you configure racoon as i proposed.
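
Added example, not part of the original message: a racoon.conf `listen` block of the kind the reply recommends, which binds racoon to a fixed address. The address 192.0.2.1 is a constructed placeholder, and `strict_address` is an optional setting that the message does not mention.

```conf
# racoon.conf fragment (added example; the address is a placeholder).
# Listing an explicit address makes racoon bind only to it, rather than
# building its set of listening addresses dynamically from the system.
listen
{
	# Local address and port for ISAKMP (IKE) negotiation.
	# 500/udp is the standard ISAKMP port.
	isakmp 192.0.2.1 [500];

	# Optional: require that every address listed above can be bound,
	# so a wrong or missing address is noticed when racoon starts.
	strict_address;
}
```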