On 2004.07.29 00:40:00 +0200, Michael Lestinsky wrote: > for some time now my IPsec connection over my wireless network doesn't > seem to work. I've enabled debugging in racoon (it's used on both ends > of the connection) and get this in the log: > > 2004-07-29 00:37:56: DEBUG: oakley.c:436:oakley_compute_keymat(): KEYMAT computed. > 2004-07-29 00:37:56: DEBUG: isakmp_quick.c:649:quick_i2send(): call pk_sendupdate > 2004-07-29 00:37:56: DEBUG: algorithm.c:513:alg_ipsec_encdef(): encription(3des) > 2004-07-29 00:37:56: DEBUG: algorithm.c:556:alg_ipsec_hmacdef(): hmac(hmac_sha1) > 2004-07-29 00:37:56: DEBUG: pfkey.c:1061:pk_sendupdate(): call pfkey_send_update > 2004-07-29 00:37:56: ERROR: pfkey.c:1076:pk_sendupdate(): libipsec failed send update (No buffer space available) The line above is the problem... > 2004-07-29 00:37:56: ERROR: isakmp_quick.c:651:quick_i2send(): pfkey update failed. > 2004-07-29 00:37:56: ERROR: isakmp.c:750:quick_main(): failed to process packet. > 2004-07-29 00:37:56: ERROR: isakmp.c:541:isakmp_main(): phase2 negotiation failed. > > Can someone help me here? The problem is related to the mbuma change.. A workaround I got from Christian Brueffer is to add options MSIZE=512 # mbuf size in bytes to your kernel configuration file. Bosko Milekic (mbuma author) is aware of the problem, but I don't think he has found the problem (or if it's even a mbuma bug and not a racoon bug that was just exposed by mbuma). -- Simon L. Nielsen FreeBSD Documentation Team
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:03 UTC