Site Navigation

Date:      Tue, 19 Feb 2002 10:55:28 -0800
From:      Lars Eggert <larse@ISI.EDU>
To:        Archie Cobbs <archie@dellroad.org>
Cc:        Justin Hawkins <justin@hawkins.dropbear.id.au>, freebsd-net@FreeBSD.ORG
Subject:   Re: mpd-netgraph as VPN client to Cisco 2500
Message-ID:  <3C729FA0.9060700@isi.edu>
References:  <200202191825.g1JIP4O96413@arch20m.dellroad.org>

---

index | next in thread | previous in thread | raw e-mail

---

[-- Attachment #1 --]
Archie,

Archie Cobbs wrote:
> Newer versions of mpd will not even finish negotiation with a box
> that uses the same IP address inside & out... this was added as a
> safety check.. to disable this behavior and allow such negotiation,
> apply the patch below.

you put created that patch in repsonse to my email back then about the 
encapsulation loop :-) (and it works great in preventing the kernel panic).

The problem with the Cisco we have here is that even when it gets a NAK 
during negotiation (when offering its IP address to mpd), it will 
stupidly retry with the same address over and over, until negotiation fails.

Justin doesn't seem to have this problem; in the log he posted, his 
Cisco box gives him a valid IP address after the NAK. That's why I'm 
interested in how he made it do that.

If I take out the NAK patch, I believe I'll see kernel panics again; or 
were you saying that adding a host route can prevent this?

Thanks,
Lars
-- 
Lars Eggert <larse@isi.edu>               Information Sciences Institute
http://www.isi.edu/larse/              University of Southern California

[-- Attachment #2 --]
0�	*�H��

��0�

10	+0�	*�H��


���0��0��
�G0
	*�H��


0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.300
010824164000Z
020824164000Z0T10
UEggert1
0U*Lars10ULars Eggert10	*�H��

	

larse@isi.edu0��0
	*�H��



��0���������|\Pw��� �v����~��~�F
�Do�o�ӦA��\-��	� ���Cˀ�4�.��)&��{�肋���,z�(ܷر��߈��T7�_'t�xGH^tt/ҹB8��%�t<#�ֲN�

�V0T0*+e

!0
00
L2uMyffBNUbNJJcdZ2s0U0�
larse@isi.edu0U

�00
	*�H��


����a�JP���M�Ւ�]cѭC+��kS��+wZ�1���gY"�,Y���T�41�
�j����6:~�℩��D���������~�Kؚ‡�l���=�u(Վ��M?cF��7@����}��T��0��0��
�G0
	*�H��


0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.300
010824164000Z
020824164000Z0T10
UEggert1
0U*Lars10ULars Eggert10	*�H��

	

larse@isi.edu0��0
	*�H��



��0���������|\Pw��� �v����~��~�F
�Do�o�ӦA��\-��	� ���Cˀ�4�.��)&��{�肋���,z�(ܷر��߈��T7�_'t�xGH^tt/ҹB8��%�t<#�ֲN�

�V0T0*+e

!0
00
L2uMyffBNUbNJJcdZ2s0U0�
larse@isi.edu0U

�00
	*�H��


����a�JP���M�Ւ�]cѭC+��kS��+wZ�1���gY"�,Y���T�41�
�j����6:~�℩��D���������~�Kؚ‡�l���=�u(Վ��M?cF��7@����}��T��0�)0���

0
	*�H��


0��10	UZA10UWestern Cape10U	Cape Town10U
Thawte Consulting1(0&UCertification Services Division1$0"UThawte Personal Freemail CA1+0)	*�H��

	
personal-freemail@thawte.com0
000830000000Z
020829235959Z0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.300��0
	*�H��



��0�����32�c�	%E>�nx'g��ڈ���D)�c5*mp<�ܮ��to0�3��4q��m���O�e�
�K���a����U�5��u�'��r���װ�����|CBPQ��<�9��T������If-	��k�i

�N0L0)U"0 �010UPrivateLabel1-2970U

�0

�
0U
0
	*�H��


��so&e��4KYb��D�I��
���
j&*b���ctm��S�K���8��P�:l4��撜n�#
�	��K�r�g�Po.X���PW�����Ո�����9[9}4���%Mj���Ñ/���<R���bH1��0��

0��0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.30�G0	+��
a0	*�H��

	1	*�H��


0	*�H��

	1
020219185528Z0#	*�H��

	1��0
++`�;�`ā]yh\�Z�0R	*�H��

	1E0C0
*�H��
0*�H��
�0
*�H��

@0+0
*�H��

(0��*�H��

	1�����0��10	UZA10UWestern Cape10U	Cape Town10
U
Thawte10UCertificate Services1(0&UPersonal Freemail RSA 2000.8.30�G0
	*�H��



������D�l���Wn���'�}��H�Hc�'��F���2O�t1 ���&�'&�М��+�J�+���韥�����0�<�x�]W�x0z�I�$�����ed���7�zdp�ôWx[��

help

---

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C729FA0.9060700>

Legal Notices | © 1995-2026 The FreeBSD Project. All rights reserved.

Contact