Victor Sudakov wrote: > Michael Sierchio wrote: > > > > What is the result of > > > > > sysctl net.enc > > ot@fbsd-test1:~ # sysctl net.enc > net.enc.out.ipsec_bpf_mask: 3 > net.enc.out.ipsec_filter_mask: 0 > net.enc.in.ipsec_bpf_mask: 1 > net.enc.in.ipsec_filter_mask: 0 > > > > > ? This might be a clue about the packets, which you could be seeing twice. > > > > An artifact of enc0, you think ? Are the above settings sending the > packets to if_enc twice?
I just made a small experiment: sent 20 pings from 192.168.246.10 to 192.168.246.11, and I see that each echo reply is duplicated, so there are 60 packets totally in the traffic dump: 20 requests and 40 replies: http://admin.sibptus.ru/~vas/i1.pcap So this is most probably the artifact of if_enc. What is then the correct way to capture data with it? -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/
signature.asc
Description: PGP signature
