Date: Thu, 09 Aug 2018 20:43:24 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 228108] if_ipsec drops all the icmp v4&v6 error messages Message-ID: <bug-228108-7501-wf6anxgCMH@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-228108-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-228108-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228108 --- Comment #14 from Andrey V. Elsukov <ae@FreeBSD.org> --- (In reply to dpd from comment #13) > I showed over here : > https://lists.freebsd.org/pipermail/freebsd-net/2018-August/051301.html >=20 > That it seems to work with this line removed. >=20 > Attached is the shell transcript of my current observation. The Tunnel > seems up, but no traffic is getting passed. You need to look at the output of `setkey -D`, `setkey -DP`, `netstat -sp e= sp`, `tcpdump -ni` on the network interface and check what actually is going on. Provided information is not enough for debugging. As I said this looks more like a problem with racoon, duplicate SAs, SPs or something like this. For example, in log you have two SAs with different SPI for the same direction. Before starting racoon, make sure that you have cleaned up from previous ru= n on both sides. --=20 You are receiving this mail because: You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-228108-7501-wf6anxgCMH>