Hi.
On 03.12.2010 01:58, Bjoern A. Zeeb wrote:
FreeBSD A >======ipsec over gre===> FreeBSD B
I'm using FreeBSD as a security gateway:
What it means is that a packet with either an invalid sequence, a
sequence lower than the last seen and outside the window, or a
sequence seen already (lately) has arrived.
Could it be that something is duplicating packets or that you have
packet loss between A and B? Given that you say that you are running
IPsec on top of GRE (which sounds strange anyway) I'd monitor the
outer tunnel endpoints independently to see what's going on.
Well, could you be more exact, please, about what did you mean by saying
'strange' ?
Probably, my english isn't that good, I just tried to say that I use
ipsec to encrypt my gre tunnels.
Could this out-of-the-sequence thing be caused by traffic shaping, such
as pf ALTQing ?
I just realised that this is the only link I have which has the queueing
enabled.
Thanks.
Eugene.
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
