Date: Fri, 16 Jan 2004 06:32:21 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Jun-ichiro itojun Hagino <itojun@itojun.org> Cc: current@freebsd.org Subject: Re: [PATCH] IPSec fixes Message-ID: <Pine.BSF.4.53.0401160618440.66397@e0-0.zab2.int.zabbadoz.net> In-Reply-To: <20040116041023.4B54EB9@coconut.itojun.org> References: <Pine.BSF.4.53.0401152212230.66397@e0-0.zab2.int.zabbadoz.net> <20040116041023.4B54EB9@coconut.itojun.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 16 Jan 2004, Jun-ichiro itojun Hagino wrote: Hi, > the problem i have with the patch is, i have never experienced the > symptom with NetBSD. no panic at all, no funny "SPD entry go away > when it has to stay" issue nor no "dangling pointer" issue. > could you show me your script which panics your FreeBSD box? i will > try that on NetBSD-current box here. don't have a shell script but do it on command line by hand. This gives better logging to serial console when debugging what events occured when. The basic idea is: 1. have racoon startup at boot time 2. run setkey -f an_ipsec.conf an_ipsec.conf: spdflush; spdadd ... spdadd ... spdadd ... spdadd ... ... 3. wait some short time (0-2 minutes) and perhaps do some traffic I usually open a a ssh connection (no ipsec in that path) to my directly connected syslog server, reattach a screen with some tail -f on logfiles 4. repeat step 2 5. do s.th. like check netstat -s -p ipsec or just wait some seconds 6. kill <pid of racoon> 7. count to ten and wait for the panic to come step 1-3 are done automatically when booting, when I come back to my workstation I open the ssh connection through the ipsec router. killing racoon has turned out to be a good thing to crash the box. Soemtimes I will see some "ipsec4_getpolicybysock: Invalid policy for PCB N" with N any number , be it 0 oder p.ex. 4657 oder 0xdeadcode and I will know that a panic is ahead anyway. > there could be some difference in NetBSD kernel code and FreeBSD due > to KAME->*BSD merge timing, and FreeBSD could have pull in some source > of instability (just my guess). So I should diff between NetBSD and FreeBSD and not KAME to FreeBSD ? -- Greetings Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT 56 69 73 69 74 http://www.zabbadoz.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.53.0401160618440.66397>