[Openswan Users] OpenSWAN / Native 2.6 IPSec: MTU / PMTUD woes
Jan Koop
ceb at cbct.de
Mon Feb 7 13:52:13 CET 2005
Well, I am running a Fedora Kernel, or did you explicitly mean RedHat
(is there a RedHat 2.6 Kernel?). I compiled a KLIPS module, but haven't
been able to test it yet - i noticed unloading tries segfaulting ;), and
OpenSWAN ignoring the presence of the ipsec module. Maybe a reboot will
help, but that has to be scheduled...
Paul Wouters schrieb:
> On Mon, 7 Feb 2005, Jan Koop wrote:
>
>> I just wanted to share my partially horrifying experience with Native
>> 2.6 Kernel IPSec, OpenSWAN and path MTU discovery (PTMUD) with the list.
>
>
>> Under kernel 2.6 native ipsec pmtud with ipsec is reported to be
>> broken in the posts i dug out.
>
>
> If you are not running a redhat kernel, you can run KLIPS on 2.6. Just
> run:
>
> export KERNELSRC=/usr/src/yourlinux-2.6
> make module26 m26install
>
> Be sure to load ipsec.ko and unload af_key, ah, esp4 and xfrm4_tunnel
> Also, do not unload the ipsec module (edit _realsetup) as module
> unloading
> with 2.6 still has a problem.
>
> Paul
>
More information about the Users
mailing list