Hello, looks like I'll join the fray as well.
I've just turned on IPSec between two machines, an i386 and Alpha,
both running very recent currents, each has the IPSEC and IPSEC_ESP
config options set, but does not have IP6 support enabled. I used
setkey and could establish what appear to be encrypted connections using
vanilla telnet between the hosts, (can someone recommend a good packet
sniffer to ensure this? tcpflow ignored connections between the ipsec
hosts. I used tcpdump -x with a large snaplen and saw that sending a
constant stream of the 0's yeilded the different packets.)
What is curious, though, is that during a telnet, running any command
to dump a large amount of information to the screen will lock up the
connection forcing me to login again. Similar things happen with ftp
(locked up after logging in when I first issue an ls). The surest way
to lock up teh connection is to go to /sys/compile/KERN and do an ls.
Data piped to more (a screenful at a time) seems to be ok, but
substancially more locks up TCP connections. This does not occur with
NFS (I build a kernel using it).
I notice that setkey -D yeilds different numbers between the machines
in terms of "current:" bytes.
What data can I provide to help in fixing this problem?
Regards.
Tom
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
