[ipsec] why did not freebsd6.3 support icmp6 echo request on tunnel
mode ? it is ok on transport mode.
wang_jiabo
jiabwang at redhat.com
Mon Dec 1 18:22:13 PST 2008
Hello, all:
the following configuration is my setkey info. when I run " setkey -f
filename", system report "the result of line 4 :Invalid argument.
the result of line 6 : Invalid argument."
change "icmp6 128,0" to "icmp6 or any" , that is no problem .
or change "tunnel" to "transport" , that is no problem.
I do not know why , but the following configuration is no problem on
RHEL5.2
that FreeBSD6.3 need patch ?
could you give me explain
Thank you very much
flush;
spdflush;
add 3ffe:501:ffff:103:20a:ebff:fe85:9e56
3ffe:501:ffff:104:21d:fff:fe19:59fc esp 0x2000 -m tunnel -E 3des-cbc
"ipv6readylogo3des1to2req" -A hmac-sha1 “ipv6readysha11to2req”;
spdadd 3ffe:501:ffff:103:20a:ebff:fe85:9e56
3ffe:501:ffff:104:21d:fff:fe19:59fc icmp6 128,0 -P in ipsec
esp/tunnel/3ffe:501:ffff:103:20a:ebff:fe85:9e56-3ffe:501:ffff:104:21d:fff:fe19:59fc/require;
add 3ffe:501:ffff:104:21d:fff:fe19:59fc
3ffe:501:ffff:103:20a:ebff:fe85:9e56 esp 0x1000 -m tunnel -E 3des-cbc
"ipv6readylogo3des2to1req" -A hmac-sha1 “ipv6readysha12to1req”;
spdadd 3ffe:501:ffff:104:21d:fff:fe19:59fc
3ffe:501:ffff:103:20a:ebff:fe85:9e56 icmp6 128,0 -P out ipsec
esp/tunnel/3ffe:501:ffff:104:21d:fff:fe19:59fc-3ffe:501:ffff:103:20a:ebff:fe85:9e56/require;
More information about the freebsd-net
mailing list