VPN solution(s) for Fedora Core
James Morris
jmorris at redhat.com
Fri May 21 19:22:40 UTC 2004
On Fri, 21 May 2004, Felipe Alfaro Solana wrote:
> However, I must say there are some problems with automatic keying and
> 2.6 kernels regarding the use of ISAKMP/IKE. The problem is that
> settings an SPD between both tunnel end-points causes the first packet
> between any of them to start negotiating the Security Association. But
> the kernel, instead of queueing the packet that triggered the ISAKMP/IKE
> exchange (in order to set up the SA), discards it and returns -EGAIN
> error to the userspace caller which, in turn, translates into "Resource
> temporarily unavailable" for user space programs.
This is a known issue which needs to be fixed in the upstream kernel.
- James
--
James Morris
<jmorris at redhat.com>
More information about the fedora-devel-list
mailing list