[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: VPN solution(s) for Fedora Core



On Fri, 21 May 2004, Felipe Alfaro Solana wrote:

> However, I must say there are some problems with automatic keying and
> 2.6 kernels regarding the use of ISAKMP/IKE. The problem is that
> settings an SPD between both tunnel end-points causes the first packet
> between any of them to start negotiating the Security Association. But
> the kernel, instead of queueing the packet that triggered the ISAKMP/IKE
> exchange (in order to set up the SA), discards it and returns -EGAIN
> error to the userspace caller which, in turn, translates into "Resource
> temporarily unavailable" for user space programs.

This is a known issue which needs to be fixed in the upstream kernel.


- James
-- 
James Morris
<jmorris redhat com>





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]