[support] Destination unreachable from HA on BU???
Arnaud Ebalard
arno at natisbad.org
Wed Mar 25 04:02:20 JST 2009
Hi,
Mattias Blomqvist <mattias.blomqvist at gmail.com> writes:
> I've done some more research.
>
> I can't get it to work with either of the mip6d from nautilus6.org or
> from natisbad.org on either debian 4.0 or debian 5.0 with a variety of
> kernels. I'm currently on debian 5.0 and kernel 2.6.29. The kernel is
> before compiling checked with set_mip6_ipsec_fw_kernel_options.sh from
> natisbad.org to make sure all the correct options are set.
> Kernel 2.6.29 doesn't send destination unreachable as a patched 2.6.24 did.
>
> I'm currently investigating the xfrm setup and I have a question. A HA
> does both xfrm_ha_init() and xfrm_cn_init(). xfrm_ha_init() only sets
> up ipsec which I have turned off. xfrm_cn_init() says in its comments:
> /* Create policy for all BUs with home flag NOT set to
> use home address option */
>
> So where is the xfrm policy for BUs with home flag set ? Or isn't that
> policy needed for the HA?
>
> Just trying to understand things...
Can you post your kernel and umip config, please? Better asking even if
it does not make much sense considering what you report: you do not have
any firewall rules on the box?
> Would it be a good or bad idea to cross-post this to usagi-users?
Yep. Do not hesitate.
Cheers,
a+
More information about the Support
mailing list