[Openswan dev]
Probable Broken NAT-T with latest FC2 kernel (2.6.7-1.494.2.2)
Ken Bantoft
ken at xelerance.com
Mon Aug 9 02:53:04 CEST 2004
NAT-T also appears broken in latest Fedora Core 2 kernel:
2.6.7-1.494.2.2
Aug 8 19:37:51 kbantoft pluto[3154]: "kb-to-bp-38" #3: sent QI2, IPsec SA established {ESP=>0x489df436 <0xb7093be3 NATOA=0.0.0.0}
Aug 8 19:38:16 kbantoft pluto[3154]: packet from ##.##.109.70:4500: recvfrom ##.##.109.70:4500 has no Non-ESP marker
Aug 8 19:39:01 kbantoft last message repeated 14 times
Not sure what change this is stemming from, but I'm reporting it now so
others who run into know that we're aware.
I've tried with Herbert's latest fix, and it doesn't make a difference for
this case.
On Fri, 6 Aug 2004, Robert Hardy wrote:
> NAT traversal seems to have been broken by changes to UDP encapsulation
> changes in somewhere in the range of 2.6.8-rc1 to rc3. My guess is 2.6.8-rc1
> as Fedora kernels are affected and their patches stopped around 2.6.8-rc1-bk
> something. 2.6.7 still works properly.
--
Ken Bantoft VP Business Development
ken at xelerance.com Xelerance Corporation
sip://toronto.xelerance.com http://www.xelerance.com
More information about the Dev
mailing list