cryptodev stats?
Anyone know how to gather stats from the cryptodev device? In my case I installed the soekris vpn1401. I've noticed that the hifnstats, cryptotest, and associated source files in net and freebsd source trees seem not to exist in openbsd. Do these tools exist maybe in some other form or are there other ways to get statistical information from the card? # dmesg | grep hifn hifn0 at pci2 dev 2 function 0 "Hifn 7955/7954" rev 0x00: LZS 3DES ARC4 MD5 SHA1 RNG AES PK, 32KB dram, ivec 0x7d4 # vmstat -i interrupt total rate sab0 86990 hme0 6291783 23 pciide04604671 hifn0 2937744 10 dc0 3302845 12 dc11971220 clock26933555 99 Total40132215 148 Thanks ___ John Ruff [EMAIL PROTECTED] GPG Key: 0x1F691195 FGPR: 6B50 37C9 10F9 6C4A D381 54B8 319D 7DD9 1F69 1195 "No one can see past a choice they don't understand." --The Oracle
IKE Phase-II fails -> GETSPI: Operation not supported
***Please ignore previous post. Forgive me for not googling first. Answer: # sysctl net.inet.esp.enable=1 [previous post] I'm trying implement a IPSec/VPN tunnel and phase-II of the IKE negotiation is failing with the following errors seen from 'isakmpd - dKL -D A=90': 110340.763012 Default pf_key_v2_get_spi: GETSPI: Operation not supported 110340.763362 Default initiator_send_HASH_SA_NONCE: doi->get_spi failed 110340.763933 Default exchange_run: doi->initiator (0x86aa2380) failed This occurs after Phase-II proposals have been accepted. The other peer is functioning fine, I have other tunnels to it from Cisco PIXs and FreeBSD (raccon) boxes. Should this be reported as a bug? I'm running: 4.0-current (GENERIC #1103) - x86 Thanks.
IKE Phase-II fails -> GETSPI: Operation not supported
I'm trying implement a IPSec/VPN tunnel and phase-II of the IKE negotiation is failing with the following errors seen from 'isakmpd - dKL -D A=90': 110340.763012 Default pf_key_v2_get_spi: GETSPI: Operation not supported 110340.763362 Default initiator_send_HASH_SA_NONCE: doi->get_spi failed 110340.763933 Default exchange_run: doi->initiator (0x86aa2380) failed This occurs after Phase-II proposals have been accepted. The other peer is functioning fine, I have other tunnels to it from Cisco PIXs and FreeBSD (raccon) boxes. Should this be reported as a bug? I'm running: 4.0-current (GENERIC #1103) - x86 Thanks.