On Wed, Sep 07, 2011 at 07:25:02PM +0200, Markus Friedl wrote:
On Sat, Aug 27, 2011 at 10:20:38PM +0200, Axel Rau wrote:
Am 19.07.2011 um 21:45 schrieb Markus Friedl:
All OpenBSD versions should have this problem as it's due to the way how
IPsec-flows are encoded in the routing
Am 07.09.2011 um 19:25 schrieb Markus Friedl:
however, i think this could help Pawel. you need to recompile
the kernel (and maybe some userland like netstat/route/ipsecctl).
Seems to fix the bug. More testing this evening.
Axel
---
PGP-Key:29E99DD6 b +49 151 2300 9283 b computing @ chaos
On Wed, 7 Sep 2011 22:05:42 +0100, owner-b...@openbsd.org wrote:
Am 07.09.2011 um 19:25 schrieb Markus Friedl:
no, that's different. you probably have to setup
bypass flows in ipsec.conf.
I'm using isakmpd.conf and must convert to ipsec.conf to use bypass flows.
No need to touch your
On Sat, Aug 27, 2011 at 10:20:38PM +0200, Axel Rau wrote:
Am 19.07.2011 um 21:45 schrieb Markus Friedl:
All OpenBSD versions should have this problem as it's due to the way how
IPsec-flows are encoded in the routing table and I could not find and easy
fix.
Does this explain, why I
Am 19.07.2011 um 21:45 schrieb Markus Friedl:
All OpenBSD versions should have this problem as it's due to the way how
IPsec-flows are encoded in the routing table and I could not find and easy
fix.
Does this explain, why I can't reach A from B and vice versa?
I think the problem is that the flow with the most specific
source-network wins
Am Donnerstag, 28. Juli 2011 um 14:24 schrieb Pawel Wieleba:
On Tue, Jul 19, 2011 at 09:33:49PM +0100, Stuart Henderson wrote:
On 2011/07/19 21:45, Markus Friedl wrote:
All OpenBSD versions should have this
On Tue, Jul 19, 2011 at 09:33:49PM +0100, Stuart Henderson wrote:
On 2011/07/19 21:45, Markus Friedl wrote:
All OpenBSD versions should have this problem as it's due to the way how
IPsec-flows are encoded in the routing table and I could not find and easy
fix.
The easiest fix if you
On 2011/07/19 21:45, Markus Friedl wrote:
All OpenBSD versions should have this problem as it's due to the way how
IPsec-flows are encoded in the routing table and I could not find and easy
fix.
The easiest fix if you control both ends is probably to just use
gif(4) tunnels.
For people who