[CentOS] centos 5 2.6.18-53.1.21.el5 kernel and ipsec
Ned Slider
ned at unixmail.co.uk
Wed May 28 23:55:20 UTC 2008
Joe Pruett wrote:
> i had previously been having issues with automount being slow with this
> new kernel and i tracked it down to dns delays which were being caused
> by ipsec not working. i have spent a few hours poking around and ipsec
> seems quite broken with this new kernel. esp packets go in and out just
> fine, but when i look at ip xfrm stats on the machine with the new
> kernel, i see that for input packets, the ah layer is being processed
> just fine, but the esp layer is showing 0 bytes/packets and no errors.
> i can't find any errors or other indications of what is going on.
>
> is anyone else running a standard ipsec tunnel (using the standard ifcfg
> method for creating the tunnel) under this new kernel? i know that a
> new 5.2 kernel should be coming soon, but i worry that whatever broke
> this version may happen there as well.
See here:
http://bugs.centos.org/view.php?id=2853
More information about the CentOS
mailing list