[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: Re: Solaris 8 + IPsec tunnel + ipf = panic
From: "bsd unix" <bsdunix () mail ! com>
Date: 2003-02-28 20:51:53
[Download RAW message or body]
> I wrote:
> >panic: ptl1 trap reason 0x2
> >
> >panicsys(104236b0,1040c278,104082a8,78002000,0,f) + 44
> >vpanic(104082a8,1040c278,31,0,2a1,30000f41d70) + cc
> >panic(104082a8,2,0,0,0,2a382c0) + 1c
> >sys_tl1_panic(5f029f61b8,2a100041fc8,0,120,0,0) + 8
> >fr_qout(1,78037868,20,102eb154,0,3000110db18) + 400
Casper.Dik@Sun.COM wrote:
> Stack overflows in the scenario do not happen because lack of
> stack but because the algorithms goes into a loop,
> recursing on the stack.
I had a feeling that was the problem :)
> I've had that happen when something goes wrong, routing
> wise. I do *not* use two default routes myself; rather a handfu;
> of "preferred routes" plus one default route.
>
> What exact rules do you use? You need to explicitely forward
> to the first hop router on the other interface.
That should match what I have (where the .1's are routers):
pass out quick on hme2 to hme0:10.1.1.1 from 10.1.1.2 to any
pass out quick on hme0 to hme2:10.2.2.1 from 10.2.2.2 to any
[snip bunch of simple block rules]
The tunnel runs over one of the default routes. I add a static
route on one endpoint to direct the vpn traffic through the tunnel.
Thanks very much for the quick response!! If there's any more
information I can provide, please let me know.
--
__________________________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic