[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(usagi-users 02723) Re: problem with retransmit packet

To: usagi-users@xxxxxxxxxxxxxx
Subject: (usagi-users 02723) Re: problem with retransmit packet
From: Mitsuru KANDA / 神田充 <mk@xxxxxxxxxxxxxx>
Date: Mon, 22 Dec 2003 00:26:19 +0900
In-reply-to: <4.3.2-J.20031217154337.00c86840@smtp.jp.sony.com>
References: <4.3.2-J.20031214113001.06878380@smtp.jp.sony.com> <87ptep8k6m.wl@karaba.org> <4.3.2-J.20031217154337.00c86840@smtp.jp.sony.com>
Reply-to: usagi-users@xxxxxxxxxxxxxx


At Wed, 17 Dec 2003 16:14:16 +0900,
Kazutaka Tachibana <Kazutaka.Tachibana@xxxxxxxxxxx> wrote:
...
> pfkey setting is following..
> -------------------------------------------------------------------------
> pfkey -A sa -s 'Src Address' -d 'Dst Address' -T esp -S 0x600 -p any --auth 
> hmac-sha1 \
> --authkey 0x54686973206973206120536563726574204b6579 --esp 3des-cbc 
> \
> --espkey 0x54686973206973206120536563726574204b657920212121
> 
> pfkey -A sp -s 'Src Address' -d 'Dst Address' -T esp -S 0x600 -p any
> 
> pfkey -A sa -d 'Src Address' -s 'Dst Address' -T esp -S 0x601 -p any --auth 
> hmac-sha1 \
> --authkey 0x54686973206973206120536563726574204b6579 --esp 3des-cbc 
> \
> --espkey 0x54686973206973206120536563726574204b657920212121
> 
> pfkey -A sp -d 'Src Address' -s 'Dst Address' -T esp -S 0x601 -p any
> -------------------------------------------------------------------------
I think it's no problems.

> I communicated between USAGI and another OS using IPsec.
> My test is like this.
> Another OS intentionally drop IPsec packet from USAGI, because I want USAGI 
> kernel
> to send TCP retransmit packet.

Can you set debugging on and send logs to us?
(sysctl -w net.ipsec.debug_{ipv6,pfkey,sadb,spd}=1)

> >And also Could you try to test another version of USAGI kit?
> >(e.g., "snap-shot-20030721"
> >or cvs tag name "bHISTORIC-IPSEC-MIP6-20030804" is the latest/fixed
> >USAGI 2.4 IPsec version.)
> 
> I tried to run "snap-shot-20030721 kernel", but Red Hat Linux freezed.
> So I couldn't check above problem.
> Please tell me how to make "snap-shot-20030721 kernel".
...
> >At Sun, 14 Dec 2003 13:57:36 +0900,
> >Kazutaka Tachibana <Kazutaka.Tachibana@xxxxxxxxxxx> wrote:
> > >
> > > Hi.
> > >
> > > I'm facing problem with TCP retransmit packet has
> > > incorrcet cheksum when using IPsec( not Authenticate,
> > > only Cipher ).
Did this kind of your "incorrect checksum" problem happen only 
"TCP retransmit packet"?

(snip)
> > > I'm runnig usagi stable 4.1 on RedHat9.0.

-mk

References:
- (usagi-users 02699) problem with retransmit packet
  - From: Kazutaka Tachibana
- (usagi-users 02702) Re: problem with retransmit packet
  - From: Mitsuru KANDA / 神田充
- (usagi-users 02703) Re: problem with retransmit packet
  - From: Kazutaka Tachibana

Prev by Date: (usagi-users 02722) ipv6 advanced api
Next by Date: (usagi-users 02724) [usagi-announce] 2003/12/22 snapshot
Previous by thread: (usagi-users 02703) Re: problem with retransmit packet
Next by thread: (usagi-users 02704) insufficient process when receiving IPv6 Router Solicitation
Index(es):
- Date
- Thread