Date: Tue, 24 May 2005 05:40:07 GMT From: Ari Suutari <ari@suutari.iki.fi> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/81095: IPsec connection stops working if associated network interface goes down and then up again. Message-ID: <200505240540.j4O5e7AP051507@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/81095; it has been noted by GNATS. From: Ari Suutari <ari@suutari.iki.fi> To: Gleb Smirnoff <glebius@FreeBSD.org> Cc: FreeBSD-gnats-submit@FreeBSD.org, andre@FreeBSD.org Subject: Re: kern/81095: IPsec connection stops working if associated network interface goes down and then up again. Date: Tue, 24 May 2005 08:39:09 +0300 Hi, Gleb Smirnoff wrote: > can you please polish your patch and submit it as follow-up to PR? > There plans to remove route caching. Here it is. I would consider it only a workaround, since it just frees any cached route causing new lookup done every time. It covers only IPv4 case as I don't have IPv6 in my vpn box right now. I'm keeping my test environment in VmWare so I can easily test things if someone is going to work on this. *** ipsec.c.orig Tue May 24 08:31:09 2005 --- ipsec.c Tue May 24 08:31:47 2005 *************** *** 2713,2721 **** state->ro = &isr->sav->sah->sa_route; state->dst = (struct sockaddr *)&state->ro->ro_dst; dst4 = (struct sockaddr_in *)state->dst; ! if (state->ro->ro_rt ! && ((state->ro->ro_rt->rt_flags & RTF_UP) == 0 ! || dst4->sin_addr.s_addr != ip->ip_dst.s_addr)) { RTFREE(state->ro->ro_rt); state->ro->ro_rt = NULL; } --- 2713,2719 ---- state->ro = &isr->sav->sah->sa_route; state->dst = (struct sockaddr *)&state->ro->ro_dst; dst4 = (struct sockaddr_in *)state->dst; ! if (state->ro->ro_rt) { RTFREE(state->ro->ro_rt); state->ro->ro_rt = NULL; } Ari S.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200505240540.j4O5e7AP051507>