Bug 130753
Summary: | named fails to operate if ipsec service is active | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Aleksander Adamowski <bugs-redhat> |
Component: | bind | Assignee: | Jason Vas Dias <jvdias> |
Status: | CLOSED NOTABUG | QA Contact: | Ben Levenson <benl> |
Severity: | high | Docs Contact: | |
Priority: | medium | ||
Version: | 2 | CC: | trevor |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Linux | ||
URL: | http://archives.mandrakelinux.com/cooker/2004-02/msg06999.php | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-06-02 15:50:58 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Aleksander Adamowski
2004-08-24 11:12:56 UTC
openswan-2.1.4-5 is now part of the latest Fedora Core (rawhide) release (as of this Monday). You can download the source from ftp://download.fedora.redhat.com/pub/fedora/linux/core/development/i386/SRPMS/openswan-2.1.4-5.src.rpm and compile it for FC2; I've also compiled it for FC2 on the i386, and you can download this from: ftp://people.redhat.com/~jvdias/openswan-FC2/ Also BIND has been updated for FC2, to bind-9.2.4rc6-FC2_7 . I cannot duplicate your problem with bind-9.2.4rc6 and openswan-2.1.4-5 on FC2 ; but I do have a rather limited setup here - we're behind a firewall, so I run a fake 'root' nameserver , and only have one client connecting with dhcp and using my test nameserver. I set up host-host encryption with openswan for this one client and the server, and could not duplicate this problem. So please try out the new versions of bind and openswan ; if they do not fix your problem, please attach details of your configuration to this bug: ipsec configuration files, named configuration files and zone files. A tcpdump gathered when the problem is duplicated would also be very useful. If you do not want to append potentially sensitive information to this bug report, you can email it to me directly: jvdias. An additional note: I used to run freeswan with fc1 along with named on several machines and I never had the problem you list here. Since freeswan is so tempermental, I suspect there was something wonky with your freeswan config. PS: the new 2.6 kernel VPN stuff works great as an alternative to open/freeswan. Clearing out old bugs here. It appears this one was a non-issue - if not, please re-open . |