From owner-freebsd-net@FreeBSD.ORG Tue Apr 14 20:54:56 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 00B7F106566C; Tue, 14 Apr 2009 20:54:56 +0000 (UTC) (envelope-from sullrich@gmail.com) Received: from mail-fx0-f167.google.com (mail-fx0-f167.google.com [209.85.220.167]) by mx1.freebsd.org (Postfix) with ESMTP id 582858FC12; Tue, 14 Apr 2009 20:54:55 +0000 (UTC) (envelope-from sullrich@gmail.com) Received: by fxm11 with SMTP id 11so2659850fxm.43 for ; Tue, 14 Apr 2009 13:54:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :from:date:message-id:subject:to:cc:content-type :content-transfer-encoding; bh=qQ4gwaxZCb8Rgu6Dy0XS/2kRiijk0lNtFgG6/I21Pew=; b=EdSmBgJArqpCQ9T04Qrte4QQZ928V9MfGR5tsyD+lT6Rpgj5noybNUlfNQZb5ChbDm RdvNro0G3zdPbRIQQZHLLCP4B0beUfoTNclpoL9MrXPh1E9HP88WbFX+WVnOTBzioAhx IsJWF1rqskujZXxYLMNnQ2qT6N2/SN8TV+/7k= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; b=REs6Ctwd8TsEcCdEcN0DEY5Lgi3FpbRm/vctDla5mKnfH9fTb8M2ba7Tz5kqBHHgkO H59r3/1S4rPfyNiLqME0Zw02SWfONN1PshXPPWklIO2q5XhI0Tfc1ZtimY+etCuWdFd1 pL+ib0yMH6W6kW+RDJr0h1Vq4vAgxlvFpWtZs= MIME-Version: 1.0 Received: by 10.103.2.14 with SMTP id e14mr4175605mui.41.1239740699202; Tue, 14 Apr 2009 13:24:59 -0700 (PDT) In-Reply-To: <20090226141138.GA91564@zeninc.net> References: <85c4b1850902170448p7a59d50bt6bdaa89aa01c51d7@mail.gmail.com> <20090217143425.GA58591@zeninc.net> <20090217143409.J53478@maildrop.int.zabbadoz.net> <20090226141138.GA91564@zeninc.net> From: Scott Ullrich Date: Tue, 14 Apr 2009 16:24:44 -0400 Message-ID: To: VANHULLEBUS Yvan Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: "Bjoern A. Zeeb" , freebsd-net@freebsd.org Subject: Re: NATT patch and FreeBSD's setkey X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Apr 2009 20:54:56 -0000 On Thu, Feb 26, 2009 at 10:11 AM, VANHULLEBUS Yvan wrot= e: > On Tue, Feb 17, 2009 at 02:41:41PM +0000, Bjoern A. Zeeb wrote: [snip] >> We have about 3 months left to get that patch in for 8; ideally 6 >> weeks. =A0Can you update the nat-t patch in a way as discussed here >> before so that the extra address is in etc. and we can move forward? > > Done, new version is available here: > http://people.freebsd.org/~vanhu/NAT-T/experimental/patch-FreeBSD-TRUNK-N= ATT-pfkey-clean-2009-02-26.diff Hello, We recently tested this patch on a up to date current as of a couple hours ago and it seems to break all outgoing UDP traffic (DNS included). Has anyone else experienced this issue? Backing the patch out of our pfSense patch roster cleared up the problem. Is there a newer patch available by chance? Thanks, Scott