Bug#590661: linux-image-2.6.32-5-openvz-amd64: openswan ipsec packets do not reach openvz instances
Hi,
On Wed, 2010-07-28 at 10:50 +0200, maximilian attems wrote:
> On Wed, Jul 28, 2010 at 10:29:40AM +0200, Daniel Tombeil wrote:
> > Package: linux-2.6
> > Version: 2.6.32-18
> > Severity: important
> > Tags: squeeze
> >
> >
> >
> > -- Package-specific info:
> > ** Version:
> > Linux version 2.6.32-5-openvz-amd64 (Debian 2.6.32-18) (ben@decadent.org.uk) (gcc version 4.3.5 (Debian 4.3.5-2) ) #1 SMP Sat Jul 24 02:32:56 UTC 2010
> >
> > ** Command line:
> > BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-openvz-amd64 root=/dev/mapper/osfw--v3--01--vda1-osfw--v3--01--root ro quiet
>
> see no posted evidence here, but anyway please post tcpdumps
> and setup in upstream bugzilla.openvz.org and let us know bug nr
> so that it can be tracked.
I attached some ASCII-tcpdump output at the end of the report. Below the
"More information:"-Line.
But I'll try if it is reproducable in an easier setup. base-install, one
bridge-device, and then trying to access the veth-attached VE's on the
bridge-devices network using an ipsec tunnel terminated using openswan
in netkey-mode. I'll post the setup-guide for reproduction and the
binary tcpdump ASAP.
--
Gruss | LF.net GmbH | fon +49 711 90074-402
Daniel Tombeil | Ruppmannstr. 27 | fax +49 711 90074-33
dt@LF.net | D-70565 Stuttgart | http://www.LF.net
Reply to: