[Openswan Users] Kernel Panic - not syncing
Ravi Verma
ravi.verma at telecommand.com
Sun Aug 7 11:15:17 CEST 2005
Friends:
I have installed Openswan Linux Openswan U2.4.0dr8/K2.6.9-5.0.3.EL
(netkey) on two Intel servers runnning Centos 2.6.9-5.0.3.EL.
Everything seems to work fine except for random sudden freezing of the
machines. It is happening on both the servers.
Here is the message I copied from the console.
Kernel Panic - not syncing: net/ipv4/xfrm4_output.c:108
spin_lock(net/xfrmx_state.c: f7c2f4141) already locked by
net/ipv4/xfrm4_output.c/108)
Below is the copy of the ipsec.conf
# /etc/ipsec.conf - Openswan IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.15 2005/04/23 21:59:26 ken Exp $
# This file: /usr/local/share/doc/openswan/ipsec.conf-sample
#
# Manual: ipsec.conf.5
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
# plutodebug / klipsdebug = "all", "none" or a combation from below:
# "raw crypt parsing emitting control klips pfkey natt x509 private"
# eg:
# plutodebug="control parsing"
# Only enable klipsdebug=all if you are a developer
#
# NAT-TRAVERSAL support, see README.NAT-Traversal
# nat_traversal=yes
# virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%4:172.16.0.0/12
# Add connections here
# sample VPN connection
# conn sample
# # Left security gateway, subnet behind it, nexthop toward
right.
# left=10.0.0.1
# leftsubnet=172.16.0.0/24
# leftnexthop=10.22.33.44
# # Right security gateway, subnet behind it, nexthop toward
left.
# right=10.12.12.1
# rightsubnet=192.168.0.0/24
# rightnexthop=10.101.102.103
# # To authorize this connection, but not actually start it,
# # at startup, uncomment this.
# #auto=start
conn road
left=xx.xx.xx.xx # Gateway's information
leftid=@XX.telecommand.com #
leftsubnet=10.2.0.0/16 #
leftrsasigkey=0sAQNxR ....
rightnexthop=%defaultroute # correct in many situations
right=%any # Wildcard: we don't know the laptop's IP
rightsubnet=0.0.0.0/0
rightid=@raviverma.telecommand.com #
rightrsasigkey=0sAQN7E
auto=add # authorizes but doesn't start this
# connection at startup
#Disable Opportunistic Encryption
Kind regards.
Ravi Verma
Chief Executive Officer
Telecommand Software and Services
2210 Plaza Drive, Ste 150
Rocklin, CA 95765
Phone: 9167053261, 866-220-RAVI (Toll-free)
Fax: 9169142008
www.telecommand.com
More information about the Users
mailing list