Re: missing isakmpd.fifo
Matthew Closson wrote: Hello, I am experiencing the same problem. I am testing it to see if I can find what is causing it. I am running OpenBSD 4.0-stable and I went to add a new tunnel today and was greeted with a message the isakmpd.fifo did not exist. I have isakmpd enabled in /etc/rc.conf with flags -K. Even though I do not specify a location on the command line of isakmpd for the fifo to occur, it does exist in fact when the process is launched and sometime later dies off. This is what I found today: # echo ike esp from 172.31.33.0/24 to 10.9.9.0/24 peer aaa.bbb.ccc.ddd psk | ipsecctl -f - ipsecctl: ike_ipsec_establish: open(/var/run/isakmpd.fifo): No such file or directory Where as before the exact same command has worked fine. hmmm. one of my 4.0-release hosts running isakmpd had something similar happen a few days ago: it was using isakmpd -K + ipsecctl -f /etc/ipsec.conf and then, AFAICT, isakmpd died and i got the same isakmpd.fifo error. once i restarted isakmpd and issued the ipsecctl -f /etc/ipsec.conf, all was restored. cheers, jake Thanks, -Matt-
Re: missing isakmpd.fifo
Hello, I am experiencing the same problem. I am testing it to see if I can find what is causing it. I am running OpenBSD 4.0-stable and I went to add a new tunnel today and was greeted with a message the isakmpd.fifo did not exist. I have isakmpd enabled in /etc/rc.conf with flags -K. Even though I do not specify a location on the command line of isakmpd for the fifo to occur, it does exist in fact when the process is launched and sometime later dies off. This is what I found today: # echo ike esp from 172.31.33.0/24 to 10.9.9.0/24 peer aaa.bbb.ccc.ddd psk | ipsecctl -f - ipsecctl: ike_ipsec_establish: open(/var/run/isakmpd.fifo): No such file or directory Where as before the exact same command has worked fine. Thanks, -Matt- On Wed, 7 Feb 2007, Dag Richards wrote: Toni Mueller wrote: Hi Dag, On Thu, 01.02.2007 at 08:37:01 -0800, Dag Richards [EMAIL PROTECTED] wrote: locations. Yesterday I needed to add a tunnel, there was no /var/run/isakmpd.fifo ... odd says I. isakmpd had been running since mid The fifo was recreated, I could use it to control isakmpd. OK. Today I look for isakmpd.fifo, it has disappeared again. and nothing I do not expect to see. I am not running out of disk space ... anybody seen this before? please check again using -i in order to find out whether you have enough disk space. Best, --Toni++ hsdcert0:root:/root #df -i Filesystem 1K-blocks Used Avail Capacity iused ifree %iused Mounted on /dev/sd0a 4126462 35180 3884960 1%2204 533602 0% / /dev/sd0e 103030244978744 0% 16 144238 0% /home /dev/sd0d 1030302 2978786 0% 1 144253 0% /tmp /dev/sd0f10318830391228 9411662 4% 13887 1305023 1% /usr /dev/sd0g16423486 1080606 14521706 7%3564 2077842 0% /var Nope plenty inodes too.
Re: missing isakmpd.fifo
Anyone know if there would be a negative affect on isakmpd if the immutable flag was set on the file /var/run/isakmpd.fifo ? On Sat, 17 Feb 2007, Matthew Closson wrote: Hello, I am experiencing the same problem. I am testing it to see if I can find what is causing it. I am running OpenBSD 4.0-stable and I went to add a new tunnel today and was greeted with a message the isakmpd.fifo did not exist. I have isakmpd enabled in /etc/rc.conf with flags -K. Even though I do not specify a location on the command line of isakmpd for the fifo to occur, it does exist in fact when the process is launched and sometime later dies off. This is what I found today: # echo ike esp from 172.31.33.0/24 to 10.9.9.0/24 peer aaa.bbb.ccc.ddd psk | ipsecctl -f - ipsecctl: ike_ipsec_establish: open(/var/run/isakmpd.fifo): No such file or directory Where as before the exact same command has worked fine. Thanks, -Matt- On Wed, 7 Feb 2007, Dag Richards wrote: Toni Mueller wrote: Hi Dag, On Thu, 01.02.2007 at 08:37:01 -0800, Dag Richards [EMAIL PROTECTED] wrote: locations. Yesterday I needed to add a tunnel, there was no /var/run/isakmpd.fifo ... odd says I. isakmpd had been running since mid The fifo was recreated, I could use it to control isakmpd. OK. Today I look for isakmpd.fifo, it has disappeared again. and nothing I do not expect to see. I am not running out of disk space ... anybody seen this before? please check again using -i in order to find out whether you have enough disk space. Best, --Toni++ hsdcert0:root:/root #df -i Filesystem 1K-blocks Used Avail Capacity iused ifree %iused Mounted on /dev/sd0a 4126462 35180 3884960 1%2204 533602 0% / /dev/sd0e 103030244978744 0% 16 144238 0% /home /dev/sd0d 1030302 2978786 0% 1 144253 0% /tmp /dev/sd0f10318830391228 9411662 4% 13887 1305023 1% /usr /dev/sd0g16423486 1080606 14521706 7%3564 2077842 0% /var Nope plenty inodes too.
Re: missing isakmpd.fifo
On 2/17/07, Matthew Closson [EMAIL PROTECTED] wrote: Anyone know if there would be a negative affect on isakmpd if the immutable flag was set on the file /var/run/isakmpd.fifo ? You mean, other than making isakmpd fail during startup? It removes and recreates the fifo when it starts. It also removes it when it exits. Leaving the fifo there when there's no process listening on it does not help things at all. You need to figure out why isakmpd is exitting and fix that and the fifo will take care of itself. ... I have isakmpd enabled in /etc/rc.conf with flags -K. Even though I do not specify a location on the command line of isakmpd for the fifo to occur, it does exist in fact when the process is launched and sometime later dies off. What is isakmpd logging when it sometime later dies off? Philip Guenther
Re: missing isakmpd.fifo
Hi Dag, On Thu, 01.02.2007 at 08:37:01 -0800, Dag Richards [EMAIL PROTECTED] wrote: locations. Yesterday I needed to add a tunnel, there was no /var/run/isakmpd.fifo ... odd says I. isakmpd had been running since mid The fifo was recreated, I could use it to control isakmpd. OK. Today I look for isakmpd.fifo, it has disappeared again. and nothing I do not expect to see. I am not running out of disk space ... anybody seen this before? please check again using -i in order to find out whether you have enough disk space. Best, --Toni++
Re: missing isakmpd.fifo
Toni Mueller wrote: Hi Dag, On Thu, 01.02.2007 at 08:37:01 -0800, Dag Richards [EMAIL PROTECTED] wrote: locations. Yesterday I needed to add a tunnel, there was no /var/run/isakmpd.fifo ... odd says I. isakmpd had been running since mid The fifo was recreated, I could use it to control isakmpd. OK. Today I look for isakmpd.fifo, it has disappeared again. and nothing I do not expect to see. I am not running out of disk space ... anybody seen this before? please check again using -i in order to find out whether you have enough disk space. Best, --Toni++ hsdcert0:root:/root #df -i Filesystem 1K-blocks Used Avail Capacity iused ifree %iused Mounted on /dev/sd0a 4126462 35180 3884960 1%2204 533602 0% / /dev/sd0e 103030244978744 0% 16 144238 0% /home /dev/sd0d 1030302 2978786 0% 1 144253 0% /tmp /dev/sd0f10318830391228 9411662 4% 13887 1305023 1% /usr /dev/sd0g16423486 1080606 14521706 7%3564 2077842 0% /var Nope plenty inodes too.
missing isakmpd.fifo
I have a little production vpn server with 28 tunnels to various locations. Yesterday I needed to add a tunnel, there was no /var/run/isakmpd.fifo ... odd says I. isakmpd had been running since mid Septembe, so I justed edited the config file and hupped the controlling process. The fifo was recreated, I could use it to control isakmpd. OK. Today I look for isakmpd.fifo, it has disappeared again. I have looked through messages, I see lots things I expect to see -- Feb 1 07:01:44 hsdcert0 isakmpd[8856]: dropped message from 2xx.xx.xx4.4 port 500 due to notification type Unknown 0 Feb 1 07:01:45 hsdcert0 isakmpd[8856]: isakmpd: quick mode done: src: 10.120.10.50 dst: 1.26.19.30 Feb 1 07:02:09 hsdcert0 isakmpd[8856]: isakmpd: quick mode done: src: 10.120.10.50 dst: 1.26.19.30 Feb 1 07:02:46 hsdcert0 isakmpd[8856]: isakmpd: phase 1 done: initiator id 011a131e: 1.26.19.30, responder id 0a780a32: 10.120.10.50, src: 10.120.10.50 dst: 1.26.19.30 Feb 1 07:03:19 -- and nothing I do not expect to see. I am not running out of disk space ... anybody seen this before?
Re: missing isakmpd.fifo
Um in case it *might* be useful information I am using OBSD 3.9 i386 though I can remember exactly when I built userland it is not the stock from dist CD version. Dag Richards wrote: I have a little production vpn server with 28 tunnels to various locations. Yesterday I needed to add a tunnel, there was no /var/run/isakmpd.fifo ... odd says I. isakmpd had been running since mid Septembe, so I justed edited the config file and hupped the controlling process. The fifo was recreated, I could use it to control isakmpd. OK. Today I look for isakmpd.fifo, it has disappeared again. I have looked through messages, I see lots things I expect to see -- Feb 1 07:01:44 hsdcert0 isakmpd[8856]: dropped message from 2xx.xx.xx4.4 port 500 due to notification type Unknown 0 Feb 1 07:01:45 hsdcert0 isakmpd[8856]: isakmpd: quick mode done: src: 10.120.10.50 dst: 1.26.19.30 Feb 1 07:02:09 hsdcert0 isakmpd[8856]: isakmpd: quick mode done: src: 10.120.10.50 dst: 1.26.19.30 Feb 1 07:02:46 hsdcert0 isakmpd[8856]: isakmpd: phase 1 done: initiator id 011a131e: 1.26.19.30, responder id 0a780a32: 10.120.10.50, src: 10.120.10.50 dst: 1.26.19.30 Feb 1 07:03:19 -- and nothing I do not expect to see. I am not running out of disk space ... anybody seen this before?
