Hello,
I was following up on this old thread "ICMP Error transmission/response over IPSec tunnels [1]" as I'm running into a similar issue on 7.4-STABLE: Problem: RouterA and RouterB in the following diagram are FreeBSD 6.4-STABLE and 7.4-STABLE running a gre tunnel and ipsec transport mode encryption on top of it. None of them send an icmp error "TTL Exceeded in traffic" when the TTL of the packet reaches 0 after they decrement it. Code: hostA----RouterA--GRE-inside-IPSEC/ESP/transport---RouterB---hostB Packets sent from hostA to hostB with a TTL2 that should have an ICMP "TTL exceeded in traffic" returned by RouterB have no effect. Of course, TTL3 packets are being returned by hostB through RouterB and back through the tunnel. Any plans from tcp/ip stack developers regarding this behavior ? -- Regards, Andrei Manescu Links: ------ [1] http://groups.google.com/group/mailing.freebsd.net/browse_thread/thread/1e121c81e44c88b4/9927ce8abc6d7de9 _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
