[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#590661: linux-image-2.6.32-5-openvz-amd64: openswan ipsec packets do not reach openvz instances

Hi,

On Wed, 2010-07-28 at 10:50 +0200, maximilian attems wrote:
> On Wed, Jul 28, 2010 at 10:29:40AM +0200, Daniel Tombeil wrote:
> > Package: linux-2.6
> > Version: 2.6.32-18
> > Severity: important
> > Tags: squeeze
> > 
> > 
> > 
> > -- Package-specific info:
> > ** Version:
> > Linux version 2.6.32-5-openvz-amd64 (Debian 2.6.32-18) (ben@decadent.org.uk) (gcc version 4.3.5 (Debian 4.3.5-2) ) #1 SMP Sat Jul 24 02:32:56 UTC 2010
> > 
> > ** Command line:
> > BOOT_IMAGE=/boot/vmlinuz-2.6.32-5-openvz-amd64 root=/dev/mapper/osfw--v3--01--vda1-osfw--v3--01--root ro quiet
> 
> see no posted evidence here, but anyway please post tcpdumps
> and setup in upstream bugzilla.openvz.org and let us know bug nr
> so that it can be tracked.

I attached some ASCII-tcpdump output at the end of the report. Below the
"More information:"-Line. 

But I'll try if it is reproducable in an easier setup. base-install, one
bridge-device, and then trying to access the veth-attached VE's on the
bridge-devices network using an ipsec tunnel terminated using openswan
in netkey-mode. I'll post the setup-guide for reproduction and the
binary tcpdump ASAP.

-- 
Gruss               |  LF.net GmbH        |  fon +49 711 90074-402
Daniel Tombeil      |  Ruppmannstr. 27    |  fax +49 711 90074-33
dt@LF.net           |  D-70565 Stuttgart  |  http://www.LF.net
Reply to: