[Openswan Users] netlink XFRM_MSG_NEWPOLICY response for flow
pupilla at hotmail.com
Tue Nov 21 10:03:24 EST 2006
Marco Berizzi wrote:
> Paul Wouters wrote:
> > On Tue, 14 Nov 2006, Marco Berizzi wrote:
> > > > Can you do another ipsec setup restart after your tunnel is up
> > > > see if it happens again? If so, it looks like your kernel does
> > > > get cleared upon stopping. So if it happens, can you do ipsec
> > > > setup stop and then an ip xfrm state list and ip xfrm policy
> > > > to confirm that?
> > I was hoping you would do after you brought the tunnels up:
> > ipsec setup stop
> > ip xfrm state list
> > ip xfrm policy list
> Ok, tunnels where up, so I upgraded to 2.4.7,
> stopped openswan with 'ipsec setup stop' and
> run 'ip x s l > ipxsl' & 'ip x p l > ipxpl'.
> Results were two empty file. 7 seconds later,
> I run 'ipsec setup start' and I didn't see
> these errors anymore.
> > What happens if you add a leftnexthop=yourgatewayip ?
> all connection definition has defined leftnexthop
> > We have a fix around for that in 2.4.7 (released today if all goes
> Upgraded. Next time I will reboot this system
> again I will take a look at /var/log/secure for
> these errors.
> One question. Did you notice that these errors
> are always related to "tun.10000"? Why always
> '10000' and not other numbers?
> ERROR: netlink XFRM_MSG_NEWPOLICY response for flow tun.10000 at pleiadi
> included errno 17: File exists
I'm always seeing this error messages also with
Openswan 2.4.7 on Linux 126.96.36.199 (always related
My setup is pretty standard except for nhelpers
set to 0
More information about the Users