https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219453

            Bug ID: 219453
           Summary: tcpmd5 kernel module regression
           Product: Base System
           Version: 11.0-STABLE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: zarych...@plan-b.pwste.edu.pl

After upgrading from 11.0-STABLE r318137 to 11.1-PRERELEASE, TCP MD5 signatures
cannot be verified, so the bird session cannot be established.
Neither the ISP nor our side changed the configuration. Bird-1.6.3_1 was
recompiled from the port, but it doesn't fix the trouble.

# cat /etc/ipsec.conf 
flush ;

add x.x.x.y x.x.x.x tcp 0x1000 -A tcp-md5 "Password1234" ;
add x.x.x.x x.x.x.y tcp 0x1001 -A tcp-md5 "Password1234" ;

# setkey -D
x.x.x.x x.x.x.y
        tcp mode=any spi=4097(0x00001001) reqid=0(0x00000000)
        A: tcp-md5  3647334d 72483753 4c4d5733
        seq=0x00000000 replay=0 flags=0x00000040 state=mature 
        created: May 22 12:25:03 2017   current: May 22 12:35:06 2017
        diff: 603(s)    hard: 0(s)      soft: 0(s)
        last: May 22 12:25:09 2017      hard: 0(s)      soft: 0(s)
        current: 6016(bytes)    hard: 0(bytes)  soft: 0(bytes)
        allocated: 94   hard: 0 soft: 0
        sadb_seq=1 pid=37398 refcnt=1
x.x.x.y x.x.x.x
        tcp mode=any spi=4096(0x00001000) reqid=0(0x00000000)
        A: tcp-md5  3647334d 72483753 4c4d5733
        seq=0x00000000 replay=0 flags=0x00000040 state=mature 
        created: May 22 12:25:03 2017   current: May 22 12:35:06 2017
        diff: 603(s)    hard: 0(s)      soft: 0(s)
        last: May 22 12:25:08 2017      hard: 0(s)      soft: 0(s)
        current: 5680(bytes)    hard: 0(bytes)  soft: 0(bytes)
        allocated: 71   hard: 0 soft: 0
        sadb_seq=0 pid=37398 refcnt=1

# netstat -sp tcp | grep signature
        0 packets with matching signature received
        4601 packets with bad signature received
        42 times failed to make signature due to no SA
        0 times unexpected signature received
        30 times no signature provided by segment
