[Openswan dev] Openswan 2.3.1/2.4.0rc1 instability with L2TP
nw at sbs.de
Sun Aug 21 20:43:21 CEST 2005
Norbert Wegener wrote:
> Alan DeKok wrote:
>> Norbert Wegener <nw at sbs.de> wrote:
>>> I can confirm this behaviour for 2.4.0rc1 with KLIPS and the actual
>>> version of freeradius.
>> FreeRADIUS uses the Framed-MTU attribute to calculate how much data
>> to send to the client. Unfortunately, the calculation is probably a
>> little wrong.
>> In the short term set the "fragment_size" in eap.conf to a smaller
>> value, and it should work.
>> I think a patch for 1.0.5 would be good.
>> Alan DeKok.
> Maybe this solves one part of the problem, but that alone does not help.
> I have tried different fragment_sizes. The results differs, but in no
> case I do get the l2tp/ppp session authenticated.
> I put the logs at http://www.wegener-net.de/freeradius, where you can
> see the differences. The filename ends with the involved fragment size.
> Which more information should I provide?
> Norbert Wegener
Further analysis showed, that when using a netkey kernel instead of
KLIPS and openswan-2.4.0rc1 , everything worked as expected. So the
problem seems to be only partially causes by the fragment_size
miscalculation. The main reason seems to be related to KLIPS.
>> - List info/subscribe/unsubscribe? See
> Dev mailing list
> Dev at openswan.org
More information about the Dev