View all products
Compute
Storage
Networking
Databases
Services
Solutions
Pricing
Library
Technical Resources
Community
Marketplace
What's New
Community Questions ipsec drops packets with size > ~300 on lucid with 2.6.35
Log in to Ask a Question

ipsec drops packets with size > ~300 on lucid with 2.6.35

networking

running 64bit ubuntu lucid on pvgrub, using racoon and ipsec-tools.

upgraded from standard 2.6.32 kernel to

linux-headers-virtual-lts-backport-maverick (2.6.35).

under 2.6.35, ipsec fails to process any packets with size > ~300 bytes. this was tested for pings, udp, and tcp traffic. also tested were different encryption / authentication schemes, including null schemes.

ifconfig doesn't show any errors, and tcpdump shows esp/ah packets arriving at eth0, but disappearing after that. i was unable to find any logs or stats to indicated where the packets were going.

it was only receiving packets that dissapeared. i was able to send esp/ah packets as normal bytes.

i ended up reverting back to 2.6.32 after trying for several days to diagnose the problem. everything is working again under 2.6.32.

any thoughts? … kernel bug?

1 Reply

Hmm, interesting kernel choice.

I don't see any relevant bugs specific to that package, nor did a quick search through the big Ubuntu kernel bug list find anything. Those would be the first two places I'd check, after testing to see whether you can reproduce it on a native maverick system.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct