[strongSwan] Strongswan using VTI

Olivier PELERIN olivier_pelerin at hotmail.com
Fri Dec 19 13:28:16 CET 2014 

Interesting!

Let me try that out after Christmas!

Regards

> Date: Thu, 18 Dec 2014 17:15:07 +0100
> From: schwarz at gaertner.de
> To: olivier_pelerin at hotmail.com
> CC: avalentin at marcant.net; users at lists.strongswan.org
> Subject: Re: [strongSwan] Strongswan using VTI
> 
> Hi,
> >>>>> "OP" == Olivier PELERIN <olivier_pelerin at hotmail.com> writes:
> 
> OP> Tried to follow this kernel commit - it does not work
> 
> OP> https://lists.ubuntu.com/archives/kernel-team/2013-November/034116.html
> 
> OP> It seems utterly broken
> 
> OP> From: olivier_pelerin at hotmail.com
> OP> To: avalentin at marcant.net; users at lists.strongswan.org
> OP> Date: Thu, 18 Dec 2014 10:11:23 +0100
> OP> Subject: Re: [strongSwan] Strongswan using VTI
> 
> OP> Will try it out
> 
> OP> When I strace my ping I'm getting  (Resource temporarily unavailable) when we receive the echo-reply
> 
> OP> sendmsg(3, {msg_name(16)={sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("10.0.0.2")}, msg_iov(1)=[{"\10\0\312\350Y\362\00096\231\222T\0\0\0\0K+\0\0\0\0\0\0\20\21\22\23\24\25\26\27"..., 64}], msg_controllen=32, {cmsg_len=28, cmsg_level=SOL_IP, cmsg_type=, ...}, msg_flags=0}, 0) = 64
> OP> recvmsg(3, 0x7fff93401680, 0)           = -1 EAGAIN (Resource temporarily unavailable)
> OP> gettimeofday({1418893623, 10985}, NULL) = 0
> OP> gettimeofday({1418893623, 11029}, NULL) = 0
> 
> check your kernel parameter xfrm4_gc_thresh with:
> 
>      cat /proc/sys/net/ipv4/xfrm4_gc_thresh
> 
> if you see 1024 or even 2048 as the result, it's way to low.  bump it
> up with:
> 
>      echo 262144 > /proc/sys/net/ipv4/xfrm4_gc_thresh
> 
> and check your ping/traceroute again.  if you succseed, make your
> setting permanet and add
> 
>      net.ipv4.xfrm4_gc_thresh = 262144
> 
> to /etc/sysctl.conf.
> 					kind regards, schwarz
> 
> -- 
>  Gärtner Datensysteme GmbH & Co. KG                  Komplementärin:
>                                                      Gärtner Datensysteme
>  Hamburger Str. 273a      Tel. (0531) 2 33 55 55     Verwaltungs GmbH
>  38114 Braunschweig       Fax  (0531) 2 33 55 56
>                                                      Amtsgericht Braunschweig
>  Amtsgericht Braunschweig HRA 200 848                HRB 202 115
> 
>  GmbH-Geschäftsführung:
>  Christine Müller   Martin Neitzel   Ulrich Schwarz  Dr. Stefan Gärtner
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20141219/261a08b7/attachment.html>

More information about the Users mailing list