From owner-freebsd-questions Mon Nov 13 19:20:48 2000 Delivered-To: freebsd-questions@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id F06EB37B479 for ; Mon, 13 Nov 2000 19:20:44 -0800 (PST) Received: from curve.dellroad.org (curve.dellroad.org [10.1.1.30]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id TAA03777; Mon, 13 Nov 2000 19:20:44 -0800 (PST) Received: (from archie@localhost) by curve.dellroad.org (8.11.0/8.11.0) id eAE3KhX21763; Mon, 13 Nov 2000 19:20:43 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200011140320.eAE3KhX21763@curve.dellroad.org> Subject: Re: SKIP port on 4.x In-Reply-To: <3A0FF830.19628.ACEDABE3@localhost> "from Craig W. Penner at Nov 13, 2000 02:18:24 pm" To: cpenner@streamflo.com Date: Mon, 13 Nov 2000 19:20:43 -0800 (PST) Cc: freebsd-questions@freebsd.org X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Craig W. Penner writes: > Has anyone successfully used the SKIP port (skip-1.0) on a > machine running FreeBSD 4.x? I've had it running perfectly well on > about half a dozen 3.x machines for some time now, but it fails on > both of the machines that I've upgraded to 4.2-BETA. > > On those 4.2-BETA machines, SKIP compiles, installs, loads and > appears to run, except that it apparently won't correctly process > incoming packets from other SKIP-enabled hosts. > > Watching the traffic using tcpdump on the 4.x box shows that it > appears to send properly encapsulated packets and shows that > received packets do appear at the interface, (for example, pinging a > 3.x SKIP host from the 4.x SKIP host creates ip-proto-57 traffic > going both directions between these two hosts, but ping reports > 98% packet loss. That's another odd thing--two or three packets > out of 100 will get through, but with really high latency). > > I've done enough testing and successfully configured enough 3.x > SKIP hosts that I'm fairly confident that I haven't simply screwed up > the installation (I've double-checked all of my keys, etc.). Has the > 4.x kernel introduced an incompatibility with SKIP? Or is there > something specific that I need to now configure in the 4.x kernel > that was either there by default or not necessary in 3.x? > > Any assistance would be greatly appreciated; I'd like to be able to > upgrade to 4.x-stable without breaking all of my VPNs. Yes, someone else has pointed out that SKIP doesn't work on recent 4.x kernels. This is probably because of some simple change that affected things, but no one has debugged it yet (unfortunately I don't have time to myself). So.. the bad news is that it's broken, but the likely good news is that the fix can't be very far away.. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message