Date: Tue, 16 Nov 2004 12:30:37 -0800 From: Kris Kennaway <kris@obsecurity.org> To: "Matthew T. Lager" <freebsd@trinetworks.com> Cc: Kris Kennaway <kris@obsecurity.org> Subject: Re: MPSAFE - Warning Message-ID: <20041116203037.GB17125@xor.obsecurity.org> In-Reply-To: <1733.24.25.209.32.1100585671.squirrel@24.25.209.32> References: <200411160054.39582.giulianocm@uol.com.br> <20041116031937.GA32097@xor.obsecurity.org> <1733.24.25.209.32.1100585671.squirrel@24.25.209.32>
next in thread | previous in thread | raw e-mail | index | archive | help
--U+BazGySraz5kW0T Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Nov 15, 2004 at 10:14:31PM -0800, Matthew T. Lager wrote: > I too receive this error. I require the use of KAME IPSEC. Basiclly, > services such as IPV6 and IPSEC require the kernel to be GIANT locked, > which is incompatable with MPSAFE. 5.3 forces MPSAFE to 0 if the system is > GIANT locked, hence the warning. >=20 > I backed down to 5.2.1 and ran IPSEC with no problems. Just to be clear, there's no danger in running IPv6 or KAME IPSEC in 5.3, you just won't get any benefits from running it on a SMP machine (neither will you in 5.2.1 or 4.x). > I actually did > experience many issues with my IPSEC tunnel in 5.3. Any problems you observed are presumably orthogonal to the Giant-ness, so you ideally should report them so they can be analyzed. Kris --U+BazGySraz5kW0T Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBmmNsWry0BWjoQKURAv/BAJwIt1Cbtah1xXVS+VuGBdTtbSqyzgCeNtlK MAAIjqYlNti31lJs7Z5yvjw= =7bVD -----END PGP SIGNATURE----- --U+BazGySraz5kW0T--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041116203037.GB17125>