Public bug reported: I am using Strongswan (charon-systems) as a vpn server allowing external (roadwarrior) users to connect in.
The system worked without problem using a tg3 network interface. upgrading to a ixbge 10gbe interface causes problems and no traffic will work between the client/server once the IPSec connection is established. dmesg reports : [42778.201643] ixgbe 0000:07:00.0 ens1f0: ixgbe_ipsec_tx: bad sa_idx=64512 handle=0 over and over. I tried upgrading to the HWE kernel but the fault remains. It only affects the IXBGE interfaces, not the TG3 interfaces (which suggests it was a kernel fault) I believe this kernel update fixes it: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c?h=v5.4-rc1&id=f39b683d35dfa93a58f1b400a8ec0ff81296b37c ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: charon-systemd 5.6.2-1ubuntu2.4 ProcVersionSignature: Ubuntu 5.0.0-29.31~18.04.1-generic 5.0.21 Uname: Linux 5.0.0-29-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.7 Architecture: amd64 Date: Wed Oct 2 00:45:55 2019 InstallationDate: Installed on 2016-10-24 (1072 days ago) InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719) SourcePackage: strongswan UpgradeStatus: Upgraded to bionic on 2018-08-25 (402 days ago) ** Affects: strongswan (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1846283 Title: Strongswan Charon-systemd fails on ixbge fault with hardware offload To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1846283/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
