Hi,
On Thu, 17 Mar 2005 09:00:06 -0800
Sam Leffler [EMAIL PROTECTED] said:
sam Possibly; I can't tell from the patch if locks are held across calls
sam they should not be. I also worry about the effect of holding the various
sam locks for an extended period of time (will it impact packet
Hajimu UMEMOTO wrote:
Hi,
On Wed, 16 Mar 2005 10:17:14 -0800
Sam Leffler [EMAIL PROTECTED] said:
sam Note the change lacks any locking so if your SA db is changing there's a
sam good chance you'll blow up.
Ah, yes. I forgot the fact that FAST_IPSEC is mpsafe.
How about this? This is againt
Hi,
On Tue, 15 Mar 2005 13:23:07 -0800
Sam Leffler [EMAIL PROTECTED] said:
We are running into a case where there are too many SAs, and doing a
setkey -D would fail with a
recv: Resource temporarily unavailable
after displaying most of the associations.
Is there a way to get around
Hajimu UMEMOTO wrote:
KAME/NetBSD does it throuth sysctl. Since sysctl API is slightly
different between NetBSD and FreeBSD, I didn't merge it, yet.
Please try attached patch. This is mainly taken from NetBSD.
There is corresponding code in racoon, already. Please make sure to
copy
Hi,
On Wed, 16 Mar 2005 10:17:14 -0800
Sam Leffler [EMAIL PROTECTED] said:
sam Note the change lacks any locking so if your SA db is changing there's a
sam good chance you'll blow up.
Ah, yes. I forgot the fact that FAST_IPSEC is mpsafe.
How about this? This is againt sys/netipsec/key.c
Hi,
We are running into a case where there are too many SAs, and doing a setkey
-D would fail with a
recv: Resource temporarily unavailable
after displaying most of the associations.
Is there a way to get around this, or is there a hard limit ?
# setkey -D | grep ^172 | wc
186 372
Mike Tancsa wrote:
Hi,
We are running into a case where there are too many SAs, and doing a
setkey -D would fail with a
recv: Resource temporarily unavailable
after displaying most of the associations.
Is there a way to get around this, or is there a hard limit ?
# setkey -D | grep ^172 | wc
At 04:23 PM 15/03/2005, Sam Leffler wrote:
Mike Tancsa wrote:
Hi,
We are running into a case where there are too many SAs, and doing a
setkey -D would fail with a
recv: Resource temporarily unavailable
after displaying most of the associations.
Is there a way to get around this, or is there a
