[Bug 242744] IPSec in transport mode between FreeBSD hosts blackholes TCP traffic

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Tue Dec 24 14:31:24 UTC 2019


Andrey V. Elsukov <ae at FreeBSD.org> changed:

           What    |Removed                     |Added
                 CC|                            |ae at FreeBSD.org

--- Comment #21 from Andrey V. Elsukov <ae at FreeBSD.org> ---
I have the not yet fully thought idea how to fix this problem. I'll try to
implement it during coming holidays.

There are still unimplemented IPsec method IPSEC_CTLINPUT and unused hdrsz
field in the struct inpcbpolicy. We can use them to handle inbound ICMP
NEEDFRAG messages and adjust required room for TCP protocol.

You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-net mailing list