[Openswan Users] OpenSwan in UML

Jax cybercorecentre at gmail.com
Wed Oct 25 22:52:49 EDT 2006


Paul Wouters wrote:
> On Wed, 25 Oct 2006, Jax wrote:
>
>   
>> It didn't create dump files in the /tmp but in the meantime I tried to start
>> pluto with --debug-all --nofork --stderrlog
>> and maybe this is the error:
>>
>> FATAL ERROR: Failed to bind bcast socket in init_netlink(). Errno 2: No such
>> file or directory
>>     
>
> You are using NETKEY but forgot to enable CONFIG_XFRM_USER.
>
>   
You were right, now everything works fine. However I read the 
performance part of the book after I tried this uml image on 2 machines.
On a 2200 Athlon the max throughput was around 2 mbit/s, I think the 
uml generates some overhead (all machines with skas+bb kernel pairs of 
course).
Now I moved this uml image to my 2X500 mhz server and the speed 
decreased to 700-800 kbytes/sec but it's not a problem. I think there is 
one more thing that can be bad for the connection,
the fact that I use one interface and nat between 2 subnets, the traffic 
goes twice on 1 physical connection.
Anyway I want to ask 3 more things:

-in windows ipsec options there is a "LCP extensions" checkbox, but it 
doesn't change anything when I switch it on or off so what is this?
-in uml 1 interesting problem is left, but it's hard to explain

"ipsec__plutorun: ipsec_auto: fatal error in "l2tp-psk-orgWIN2KXP": 
%defaultroute requested but not known"

I get this error when I start ipsec. My routing table:

7.4.0.2         *               255.255.255.255 UH    0      0        0 ppp0
172.16.5.2      *               255.255.255.255 UH    0      0        0 eth0
172.16.5.0      *               255.255.255.0   U     0      0        0 eth0
192.168.2.0     *               255.255.255.0   U     0      0        0 eth0

But when my client connects from the 172.16.5.0 network everything works 
fine except I need to set up the default gw manually on the uml host, and 
then the client reaches the internet.
However if I set up the default gateway before ipsec starts then the 
client can't connect. I'm just wondering what causes this.

Anyway the "%defaultroute requested" is always in the log. It's obvious I 
don't want to set up any default route for the 172.16.5.0 network which 
is only for the roadwarriors.

-the last issue with uml (and I think this doesn't depend on hardware 
because I tried on both hosts), sometimes the connection freezes for 10-30 
sec and I think this is connected to the previous routing error
> Paul
>   
Best Regards,
Jax
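
An added example, not part of the original message or of Openswan: a pre-flight check for the two startup failures in this thread, the missing CONFIG_XFRM_USER and the "%defaultroute requested but not known" error. It assumes the second error comes from the routing table having no default route when ipsec starts, as the posted table suggests; the function names, the kernel config lines and the 192.168.2.1 gateway are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Sample inputs below are constructed.

# Succeeds if kernel config text on stdin has CONFIG_XFRM_USER built in or modular.
# Real use: zcat /proc/config.gz | has_xfrm_user   (needs CONFIG_IKCONFIG_PROC)
has_xfrm_user() {
    grep -Eq '^CONFIG_XFRM_USER=(y|m)$'
}

# Prints the interface of the first default route found in `route` or
# `route -n` output on stdin; fails if there is none.
# Real use: route -n | default_route_iface
default_route_iface() {
    awk '($1 == "default" || $1 == "0.0.0.0") && $3 == "0.0.0.0" {
             print $NF; found = 1; exit
         }
         END { exit !found }'
}

# Runs both checks; prints one line per problem and returns the problem count.
preflight() {   # $1 = kernel config text, $2 = route output
    problems=0
    if ! printf '%s\n' "$1" | has_xfrm_user; then
        echo "NETKEY: CONFIG_XFRM_USER not enabled (pluto cannot bind its netlink socket)"
        problems=$((problems + 1))
    fi
    if ! printf '%s\n' "$2" | default_route_iface >/dev/null; then
        echo "no default route: %defaultroute cannot be resolved"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Routing table as posted in the message (wrapped row rejoined).
POSTED_ROUTES='7.4.0.2         *               255.255.255.255 UH    0      0        0 ppp0
172.16.5.2      *               255.255.255.255 UH    0      0        0 eth0
172.16.5.0      *               255.255.255.0   U     0      0        0 eth0
192.168.2.0     *               255.255.255.0   U     0      0        0 eth0'
# Constructed: same table plus a default route via a made-up gateway.
FIXED_ROUTES="$POSTED_ROUTES
default         192.168.2.1     0.0.0.0         UG    0      0        0 eth0"
BAD_CONFIG='# CONFIG_XFRM_USER is not set'      # constructed
GOOD_CONFIG='CONFIG_XFRM_USER=y'                # constructed

preflight "$BAD_CONFIG" "$POSTED_ROUTES" || echo "problems found: $?"
preflight "$GOOD_CONFIG" "$FIXED_ROUTES" && echo "ready to start ipsec"
```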


