Date: Tue, 23 May 2017 08:39:28 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 219453] tcpmd5 kernel module regression Message-ID: <bug-219453-8-aOWPQml8te@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-219453-8@https.bugs.freebsd.org/bugzilla/> References: <bug-219453-8@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219453 Andrey V. Elsukov <ae@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ae@FreeBSD.org --- Comment #4 from Andrey V. Elsukov <ae@FreeBSD.org> --- (In reply to Marek Zarychta from comment #0) > After upgrade from 11.0-STABLE r318137 to 11.1-PRERELEASE TCP MD5 signatures > cannot be verified, so bird session cannot be established. > Neither ISP, nor our side changed the configuration. Bird-1.6.3_1 was > recompiled from port, but it doesn't fix the trouble. > # netstat -sp tcp | grep signature > 0 packets with matching signature received > 4601 packets with bad signature received > 42 times failed to make signature due to no SA > 0 times unexpected signature received > 30 times no signature provided by segment There were no changes in stable/11 in TCP-MD5 code. So if it worked in r318137, it should work. Do you use bird's "password" option to set SAs or are they set via setkey(8)? There is patch for bird in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218907 I sent it to bird's developer and port maintainer, but seems it is not committed. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-219453-8-aOWPQml8te>