From owner-freebsd-bugs@FreeBSD.ORG  Tue May 24 05:40:08 2005
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
X-Original-To: freebsd-bugs@hub.freebsd.org
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3B22116A41F
	for <freebsd-bugs@hub.freebsd.org>;
	Tue, 24 May 2005 05:40:08 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id ECB2043D48
	for <freebsd-bugs@hub.freebsd.org>;
	Tue, 24 May 2005 05:40:07 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j4O5e7o2051508
	for <freebsd-bugs@freefall.freebsd.org>; Tue, 24 May 2005 05:40:07 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j4O5e7AP051507;
	Tue, 24 May 2005 05:40:07 GMT (envelope-from gnats)
Date: Tue, 24 May 2005 05:40:07 GMT
Message-Id: <200505240540.j4O5e7AP051507@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Ari Suutari <ari@suutari.iki.fi>
Cc: 
Subject: Re: kern/81095: IPsec connection stops working if associated network
 interface goes down and then up again.
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Ari Suutari <ari@suutari.iki.fi>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 24 May 2005 05:40:08 -0000

The following reply was made to PR kern/81095; it has been noted by GNATS.

From: Ari Suutari <ari@suutari.iki.fi>
To: Gleb Smirnoff <glebius@FreeBSD.org>
Cc: FreeBSD-gnats-submit@FreeBSD.org, andre@FreeBSD.org
Subject: Re: kern/81095: IPsec connection stops working if associated network
 interface goes down and then up again.
Date: Tue, 24 May 2005 08:39:09 +0300

 Hi,
 
 Gleb Smirnoff wrote:
  > can you please polish your patch and submit it as follow-up to PR?
  > There plans to remove route caching.
 
 Here it is. I would consider it only a workaround, since it just
 frees any cached route causing new lookup done every time.
 It covers only IPv4 case as I don't have IPv6 in my vpn box
 right now.
 
 I'm keeping my test environment in VmWare so I can easily
 test things if someone is going to work on this.
 
 
 *** ipsec.c.orig	Tue May 24 08:31:09 2005
 --- ipsec.c	Tue May 24 08:31:47 2005
 ***************
 *** 2713,2721 ****
    			state->ro = &isr->sav->sah->sa_route;
    			state->dst = (struct sockaddr *)&state->ro->ro_dst;
    			dst4 = (struct sockaddr_in *)state->dst;
 ! 			if (state->ro->ro_rt
 ! 			 && ((state->ro->ro_rt->rt_flags & RTF_UP) == 0
 ! 			  || dst4->sin_addr.s_addr != ip->ip_dst.s_addr)) {
    				RTFREE(state->ro->ro_rt);
    				state->ro->ro_rt = NULL;
    			}
 --- 2713,2719 ----
    			state->ro = &isr->sav->sah->sa_route;
    			state->dst = (struct sockaddr *)&state->ro->ro_dst;
    			dst4 = (struct sockaddr_in *)state->dst;
 ! 			if (state->ro->ro_rt) {
    				RTFREE(state->ro->ro_rt);
    				state->ro->ro_rt = NULL;
    			}
 
 
 	Ari S.