Date: Mon, 27 Nov 2000 18:59:43 -0500 From: "Jim Flowers" <jflowers@ezo.net> To: <freebsd-questions@freebsd.org> Subject: SKIP not working above 4.0 release Message-ID: <005201c058ce$1e189a50$81d396ce@ezo.net>
next in thread | raw e-mail | index | archive | help
I just spent a bunch a time trying to get SKIP working on 4.2-RELEASE hoping
it had been fixed. We have not been able to run it on anything after
4.0-RELEASE (including 4 Stable).
Everything operates correctly to authenticate for both the source and
destination hosts (source > 4.0, destination < = 4.0). Packets are
correctly formed and sent to the destination host where they are unpacked
and decrypted properly - the destination machine encrypts and correctly
encapsulates the return packets (using ping) which are delivered back to the
source machine where they are correctly delivered to bpf (shown via
tcpdump).
Unfortunately at that point, I can't tell exactly what is going on. Skiplog
on the source machine complains:
Warning: destination.com (206.102.130.14) failed
authentication
Its certificate/key id may be invalid
but skipd.log contains:
Nov 27 14:37:32 source skipd: Received encrypt key request for nsid=8
mkid=destination.key
Nov 27 14:37:33 source skipd: OK: kernel query nsid=8 mkid=destination.key
so the encryption key is found to be acceptable.
Strangest of all, packet 353 gets through and then every 257th packet after
that does, too.
Looks like something has happened to the bpf/skip/device_driver messaging
after 4.0-RELEASE.
Any ideas or observations will be appreciated.
Jim Flowers mailto:jflowers@ezo.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?005201c058ce$1e189a50$81d396ce>