Good morning sports fans,
I am running PF 1.2-RC2. I have 22 IPsec tunnels running over a
low bandwidth connection. CPU usage is below 30% and spikes to 90%
when re-keying occurs. memory usage hovers around 25% The interesting
issue I have is this;
One of the directly connected interfaces is 10.1.57.97/28
One of the tunnels I have configured is 10.1.57.96/28 <----> 10.0.0.0/8
When this tunnel is enabled I cannot reach the 10.1.57.97 interface.
If I disable this tunnel reaching the interface works as expected. I
can route through the interface but I cannot reach it. Pings timeout
and admin fails (reponse packets are sent into space, trace attached
of me trying to admin the box from .99) So local admin of the PF from
this network is out and any VIPs I have configured for load balancing
are also out. I am wondering if anyone has seen this issue and if
there is a workaround to it? Thanks.
Wade B
--
Wade Blackwell
"Integrity is often more painful and always more profitable than
perception management"
pf-w-ipsec-admin.pcap
Description: Binary data
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
