Hi, On Sunday 12 March 2006 23.29, Stjepan Gros wrote: > setkey command behaves strangely when SPD is large. Either because I'm > doing something wrong or because there is a bug. I believe it's a bug, > but who knows... Anyway, after 529 items it simply stops displaying > items from SPD with a message > > recv: Resource temporarily unavailable
This has been discussed a couple of times on netdev and on the ipsec-tools development list. You can find more info in these threads, for example: <http://marc.theaimsgroup.com/?t=111141711600008&r=1&w=2> <http://marc.theaimsgroup.com/?t=113872589800002&r=1&w=2> <http://sourceforge.net/mailarchive/forum.php?thread_id=9674898&forum_id=32000> As a workaround for the problem you could try increasing the size of the socket buffers available for PF_KEY sockets. Unfortunately you still have to patch ipsec-tools for this to work, because for some unknown reason it forces 128K buffers on all pfkey sockets. -- Regards, Krisztian Kovacs - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
