OpenSolaris

Printable Version Enter a New Search
Bug ID 6588015
Synopsis Missing "encap udp" must be better diagnosed by ipseckey(1M).
State 10-Fix Delivered (Fix available in build)
Category:Subcategory network:ipsec
Keywords
Responsible Engineer Dan Mcdonald
Reported Against
Duplicate Of
Introduced In solaris_10
Commit to Fix snv_73
Fixed In snv_73
Release Fixed solaris_nevada(snv_73) , solaris_10u7(s10u7_02) (Bug ID:2168188)
Related Bugs 6558864
Submit Date 1-August-2007
Last Update Date 15-September-2007
Description 
If I have input to ipseckey(1M) like this;

	add esp spi 0x1111 src foo dst bar encralg des encrkey 1234567890abcdef \
	    nat_loc external-ip

ipseckey(1M) will return a PF_KEY error about an unknown extension.  This is because
we allocate the space for the nat_loc address but do not fill it in.

We need to check for "encap udp", which turns on NAT-Traversal additions for an SA.
Work Around 
N/A
Comments 
N/A