Bjoern A. Zeeb wrote: > not that this should fix your problem but you might want to start with > this patch: > > http://sources.zabbadoz.net/freebsd/patchset/sys-netinet-tcp-syncache.c-20071126-01.diff
No, probably not. But it may fix a bunch of spurious failed SADB lookup messages I've been seeing on the box in question. > I'll try to find your bug the next days (in case you find anything let > me know). > > I don't know how much quagga does these days but policies are setup > correctly on both machines and you are not finding any failed SADB > lookup warninge in dmesg on the 7 machine? The security policy is set up using setkey from config in /etc/ipsec.conf: > ferris# grep xx /etc/ipsec.conf > add 193.242.111.9 193.242.111.xx tcp 0x1000 -A tcp-md5 "<removed>"; No, there are no failed SADB lookup messages. The kernel code is being executed, because if I disable md5 from within quagga, the md5 checksum option completely disappears from the tcp headers. If it's enabled, the checksum is just zeros. Nick _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
