Hi, On Wed, 2010-07-28 at 11:30 +0200, maximilian attems wrote: > On Wed, Jul 28, 2010 at 11:09:41AM +0200, Daniel Tombeil wrote:
[...] > > in netkey-mode. I'll post the setup-guide for reproduction and the > > binary tcpdump ASAP. > > ok sorry overlooked, as wasn't in body, please make upstream devs > aware by filing there. > development and fixes happens there. thanks no prob. I'm not very used to file bugs by now. I found a related bug-report at openvz.org for RHEL6. Seems to be the same problem. The workaround I found there works for me, too: Bug 1554 - ipsec vpn terminated in HN not available in VE unless IPSEC policies are disabled for venet0 http://bugzilla.openvz.org/show_bug.cgi?id=1554 There is still a discussion ongoing if this scenario is or should be supported at all or not. I wrote a comment confirming the problem exists also on debian squeeze/testing. I'll now wait what the discussion leads to. As long as it works I can live with the sysctl inside the VE. Thank you! -- Gruss | LF.net GmbH | fon +49 711 90074-402 Daniel Tombeil | Ruppmannstr. 27 | fax +49 711 90074-33 [email protected] | D-70565 Stuttgart | http://www.LF.net -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
