Hi
Trying to start IPsec, I can see that phase1 seems to be working.
show ikev2 sa
iip 100.127.9.168 ispi b2a759d49c7773a rip 192.x.x.x rspi 951f673d969253d1
But when bringing up the interface of the tunnel, it crashes.
Anyone have any idea what is wrong ?
show interface ipip0 address
ipip0 (dn):
L3 192.168.1.2/30
DBGvpp# set interface state ipip0 up
DBGvpp# received signal SIGSEGV, PC 0x0, faulting address 0x0
PC contains invalid memory address
#0 0x0000000000000000
#1 0x00007e0c39a435d4 ipsecmb_ops_hmac_inline + 0x224
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/vpp_crypto_engines/ipsecmb_crypto_engine.so
#2 0x00007e0c811f047d vnet_crypto_process_ops_call_handler + 0xed
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10
#3 0x00007e0c811ec8e9 vnet_crypto_process_ops_inline + 0x1e9
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10
#4 0x00007e0c811ec6f7 vnet_crypto_process_ops + 0x27
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10
#5 0x00007e0c812499e9 esp_process_ops + 0x79
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10
#6 0x00007e0c812455cf esp_decrypt_inline + 0xf8f
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10
#7 0x00007e0c81245deb esp4_decrypt_tun_node_fn + 0x3b
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10
#8 0x00007e0c81ea7e59 dispatch_node + 0x349
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvlib.so.25.10
#9 0x00007e0c81ea8c06 dispatch_pending_node + 0x3b6
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvlib.so.25.10
#10 0x00007e0c81ea3b15 vlib_main_or_worker_loop + 0x995
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvlib.so.25.10
#11 0x00007e0c81eaa806 vlib_worker_thread_fn + 0x186
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvlib.so.25.10
#12 0x00007e0c81edb8b6 vlib_worker_thread_bootstrap_fn + 0xd6
from
/dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvlib.so.25.10
#13 0x00007e0c80a9caa4 pthread_condattr_setpshared + 0x684
from /lib/x86_64-linux-gnu/libc.so.6
#14 0x00007e0c80b29c6c __clone + 0x24c
from /lib/x86_64-linux-gnu/libc.so.6
make: *** [Makefile:760: run] Aborted
Config:
ikev2 profile add pr1
ikev2 profile set pr1 auth shared-key-mic string MySuperSecretKey
ikev2 profile set pr1 id local ip4-addr 80.x.x.x
ikev2 profile set pr1 id remote ip4-addr 192.x.x.x
ikev2 profile set pr1 traffic-selector local ip-range 192.168.1.2 - 192.168.1.2
port-range 0 - 65535 protocol 0
ikev2 profile set pr1 traffic-selector remote ip-range 192.168.1.1 -
192.168.1.1 port-range 0 - 65535 protocol 0
ikev2 profile set pr1 responder GigabitEthernet0/14/0 192.x.x.x
ikev2 profile set pr1 ike-crypto-alg aes-cbc 256 ike-integ-alg
hmac-sha2-256-128 ike-dh modp-2048
ikev2 profile set pr1 esp-crypto-alg aes-cbc 256 esp-integ-alg
hmac-sha2-256-128 esp-dh modp-2048
ikev2 profile set pr1 sa-lifetime 86400 10 5 0
ikev2 initiate sa-init pr1
set interface ip address ipip0 192.168.1.2/30
set interface state ipip0 up
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#26732): https://lists.fd.io/g/vpp-dev/message/26732
Mute This Topic: https://lists.fd.io/mt/117418341/21656
Group Owner: [email protected]
Unsubscribe: https://lists.fd.io/g/vpp-dev/leave/14379924/21656/631435203/xyzzy
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
