From owner-freebsd-current  Tue Jan 11 15:34:27 2000
Delivered-To: freebsd-current@freebsd.org
Received: from po8.andrew.cmu.edu (PO8.ANDREW.CMU.EDU [128.2.10.108])
	by hub.freebsd.org (Postfix) with ESMTP id DA36E15139
	for <freebsd-current@FreeBSD.ORG>; Tue, 11 Jan 2000 15:34:23 -0800 (PST)
	(envelope-from tcrimi+@andrew.cmu.edu)
Received: (from postman@localhost)
	by po8.andrew.cmu.edu (8.9.3/8.9.3) id SAA11749;
	Tue, 11 Jan 2000 18:34:21 -0500 (EST)
Received: via switchmail; Tue, 11 Jan 2000 18:34:20 -0500 (EST)
Received: from unix4.andrew.cmu.edu via qmail
          ID </afs/andrew.cmu.edu/service/mailqs/q007/QF.MsSvlri00Uw801UlY0>;
          Tue, 11 Jan 2000 18:27:51 -0500 (EST)
Received: from unix4.andrew.cmu.edu via qmail
          ID </afs/andrew.cmu.edu/usr18/tcrimi/.Outgoing/QF.EsSvlrO00Uw80sYT80>;
          Tue, 11 Jan 2000 18:27:51 -0500 (EST)
Received: from mms.4.60.Jun.27.1996.03.02.53.sun4.51.EzMail.2.0.CUILIB.3.45.SNAP.NOT.LINKED.unix4.andrew.cmu.edu.sun4m.54
          via MS.5.6.unix4.andrew.cmu.edu.sun4_51;
          Tue, 11 Jan 2000 18:27:51 -0500 (EST)
Message-ID: <ssSvlrK00Uw80sYT00@andrew.cmu.edu>
Date: Tue, 11 Jan 2000 18:27:51 -0500 (EST)
From: Thomas Valentino Crimi <tcrimi+@andrew.cmu.edu>
To: Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp>
Subject: Re: IPv6 testing...willing to help
Cc: freebsd-current@FreeBSD.ORG
In-Reply-To: <Pine.BSF.4.20.0001072357460.4341-100000@home.astralblue.com>
References: <Pine.BSF.4.20.0001072357460.4341-100000@home.astralblue.com>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


  Hello, looks like I'll join the fray as well.


   I've just turned on IPSec between two machines, an i386 and Alpha,
both running very recent currents, each has the IPSEC and IPSEC_ESP
config options set, but does not have IP6 support enabled.  I used
setkey and could establish what appear to be encrypted connections using
vanilla telnet between the hosts, (can someone recommend a good packet
sniffer to ensure this?  tcpflow ignored connections between the ipsec
hosts.  I used tcpdump -x with a large snaplen and saw that sending a
constant stream of the 0's yeilded the different packets.)

  What is curious, though, is that during a telnet, running any command
to dump a large amount of information to the screen will lock up the
connection forcing me to login again.  Similar things happen with ftp
(locked up after logging in when I first issue an ls).  The surest way
to lock up teh connection is to go to /sys/compile/KERN and do an ls. 
Data piped to more (a screenful at a time) seems to be ok, but
substancially more locks up TCP connections.  This does not occur with
NFS (I build a kernel using it). 

  I notice that setkey -D yeilds different numbers between the machines
in terms of "current:" bytes.

  What data can I provide to help in fixing this problem?

  Regards.
Tom 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message