kern/87107: Boot process will not complete with IPSEC enabled
and no ipsec.conf file
Ken Diliberto
ken at kdmd.net
Mon Dec 25 16:04:38 PST 2006
I just tested this under FreeBSD 6.2 RC1 and confirmed the problem.
/etc/rc.conf:
ipsec_enable="YES"
/etc/ipsec.conf does not exist.
Reboot.
The console shows an error and asks for a shell to load.
Comment out the ipsec_enable line and the system boots normally. Sorry,
no logs to include. :-(
If you're working on a box locally, you can fix the boot problem. If
it's a remote box, you're in trouble until someone can visit it.
Ken
Remko Lodder wrote:
> Synopsis: Boot process will not complete with IPSEC enabled and no ipsec.conf file
>
> State-Changed-From-To: open->closed
> State-Changed-By: remko
> State-Changed-When: Mon Dec 25 14:31:45 UTC 2006
> State-Changed-Why:
> This is not true, data will just not be encrypted if the ipsec.conf is not
> there (since the gw does not know the encryption domain of the remote host
> so to say). You probably had an " too much somewhere, causing a broken /etc/rc.conf
> which results in the behaviour you are seeing.
>
> Since i am fairly confident this is the case i will close the PR. If I am wrong
> (yes ofcourse I can be wrong ;-)) please poke me and I will look together with the
> submitter how we can resolve this.
>
>
> Responsible-Changed-From-To: freebsd-bugs->remko
> Responsible-Changed-By: remko
> Responsible-Changed-When: Mon Dec 25 14:31:45 UTC 2006
> Responsible-Changed-Why:
> grab the PR to get the feedback.
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=87107
More information about the freebsd-bugs
mailing list