From owner-freebsd-net@freebsd.org Tue Feb 20 07:01:20 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3D0EDF08B08 for ; Tue, 20 Feb 2018 07:01:20 +0000 (UTC) (envelope-from kmisak@gmail.com) Received: from mail-qk0-x229.google.com (mail-qk0-x229.google.com [IPv6:2607:f8b0:400d:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D12E086A82 for ; Tue, 20 Feb 2018 07:01:19 +0000 (UTC) (envelope-from kmisak@gmail.com) Received: by mail-qk0-x229.google.com with SMTP id v124so3842557qkh.11 for ; Mon, 19 Feb 2018 23:01:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=CQzx2HjE3cEvR3O2YVkWMfxICUn2BbEptrchnIloGEI=; b=fC7oekyatJbMjcV8Dwe8vvGtsYp5qzUSNSTJNP+eDxbTi7MC1qEOIZtukHb5TVg7zp 0L+OuAOAwmRly8r/zkh32D8BvfoavPlroP74xDpT9wsBRVVkOObmJCiyCnOPZfoNxrdg 9/30FV5sxPQMNmAFmfX1NrzrE3zCTqg+RWRWc1MDzM76LVeytgDReDkjzG5OEyKa2Bvm ZXqf2rXKccoBux12pKZysPIPW0Y7n2876VLBJ3YHX6YeAnCN4WdfuCUEgXa5kNS+XQQv VLjHkO5TqnWHPjjXLBLwnxdUYHAN+/Iy61XohdZylTn0xczIPilDAMsT85MmuiYN8MTm 0RYg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=CQzx2HjE3cEvR3O2YVkWMfxICUn2BbEptrchnIloGEI=; b=KGQnSSUQ6gu20zI+tsdXztCIq5K6/ssqhetKWxoffIxkfAMEdECQGILFmKVIYinBGq RhkIm3rYsxNdgUFsmuT/KK26h/eu+4QfjiIWcwQ+S+kUn8ryjFxcYzoV3X76YkYpiQLL R44hhVgx6JoSlnrQesUDhNhV8qGHncjh9iEgrVkHczlQQLV1Z5CUDzUrKaMjnZKzhfLS NUq4XHoZW3kCDYaHRiRGPVqD2FmENJvNjB/jDzzqFkQxibBpiQHz6qsdzPa6UbHrPqsm +SvnSyouzieuHX1w14UrukMMxu0aXhpY8164abhQsLsGzZjqgAMN2+Bzwg2i3Th94ofx tXog== X-Gm-Message-State: APf1xPCNB9qv6OXiN3Jr8uqnE1RuGgnUlXl6Ek41DZKlmkZM50PaS99c XTe5POWhAC3QCJ2wbGdIw6vuxGu8M4xfSjzrnS1ZBw== X-Google-Smtp-Source: AH8x227h6edjt63C9A+RsE08K1k7co9iw4e4w6IOAPSOsuSLYIO5f3wswsSfYE2UrasGGExkWyTTOks5pXKvGO6ANSM= X-Received: by 10.55.126.194 with SMTP id z185mr9056335qkc.340.1519110079368; Mon, 19 Feb 2018 23:01:19 -0800 (PST) MIME-Version: 1.0 Received: by 10.200.81.201 with HTTP; Mon, 19 Feb 2018 23:01:18 -0800 (PST) Received: by 10.200.81.201 with HTTP; Mon, 19 Feb 2018 23:01:18 -0800 (PST) In-Reply-To: References: <5A8A97EC.4040103@grosbein.net> <16e6d695-6961-bc17-6ff0-e2affcd5df3b@yandex.ru> <5A8BB836.2010501@grosbein.net> From: Misak Khachatryan Date: Tue, 20 Feb 2018 11:01:18 +0400 Message-ID: Subject: Re: Racoon and setkey problems To: Eugene Grosbein Cc: "Andrey V. Elsukov" , freebsd-net@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Feb 2018 07:01:20 -0000 One of the machines didn't connected to the Internet, have only private ip address on it's interfaces, so i have doubts about that. But thanks, I'll check for that too. I'm exporting traffic from two machines to netflow collector, should be easy. On Feb 20, 2018 9:55 AM, "Eugene Grosbein" wrote: On 20.02.2018 00:44, Misak Khachatryan wrote: > Hi Andrey, > > yes, all output is from same machine. I'll recheck all configs again, > or, if it's OK, I can post them here. The most confusing thing is that > everything worked as a charm several years. And nothing changed in > configurations until logs stars to fill up with these messages and i > tried to play with some settings to troubleshoot. You may be suffering from some kind of massive IPSEC-scanning bots activity that try to expoit IPSEC-related bugs and trigger some memory leak. You should really try 11.1.