[Openswan Users] OpenSWAN / Native 2.6 IPSec: MTU / PMTUD woes

Jan Koop ceb at cbct.de
Mon Feb 7 13:52:13 CET 2005

Well, I am running a Fedora Kernel, or did you explicitly mean RedHat 
(is there a RedHat 2.6 Kernel?). I compiled a KLIPS module, but haven't 
been able to test it yet - i noticed unloading tries segfaulting ;), and 
OpenSWAN ignoring the presence of the ipsec module. Maybe a reboot will 
help, but that has to be scheduled...

Paul Wouters schrieb:

> On Mon, 7 Feb 2005, Jan Koop wrote:
>> I just wanted to share my partially horrifying experience with Native 
>> 2.6 Kernel IPSec, OpenSWAN and path MTU discovery (PTMUD) with the list.
>> Under kernel 2.6 native ipsec pmtud with ipsec is reported to be 
>> broken in the posts i dug out.
> If you are not running a redhat kernel, you can run KLIPS on 2.6. Just 
> run:
> export KERNELSRC=/usr/src/yourlinux-2.6
> make module26 m26install
> Be sure to load ipsec.ko and unload af_key, ah, esp4 and xfrm4_tunnel
> Also, do not unload the ipsec module (edit _realsetup) as module 
> unloading
> with 2.6 still has a problem.
> Paul

More information about the Users mailing list