Bug 76731 - cipe doesn't establish without ME=W.X.Y.Z in ifcfg-cipcb0
Summary: cipe doesn't establish without ME=W.X.Y.Z in ifcfg-cipcb0
Keywords:
Status: CLOSED CANTFIX
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: cipe
Version: 8.0
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-10-25 16:18 UTC by Mark Cooke
Modified: 2007-04-18 16:47 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-10-18 14:41:42 UTC
Embargoed:

Attachments (Terms of Use)

Description Mark Cooke 2002-10-25 16:18:21 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Description of problem:
cipe interface created by gui tool did not have a ME=W.X.Y.Z line in
ifcfg-cipcb0.  With a dynamically assigned peer, cipe does not respond unless ME
is specified, so the VPN never comes up.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.Create a cipe device in the gui.  Leave the peer IP blank.
2.Attempt to bring the VPN up (both ends)
3.tcpdump the network looking for packets on the vpn ports.
	

Actual Results:  On the RH8.0 machine with a fixed IP, tcpdump shows packets
from the remote machine arriving, on the correct port.

The RH8.0 fixed-ip machine does not send a reply to the remote machine.

Expected Results:  The RH8.0 should have started sending replies and the VPN
should have been established.

Additional info:

The workaround was to manually add 'ME=W.X.Y.Z' to the fixed-ip address end of
the VPN.

After this, and down/up cipcb0 on the fixed ip machine, the tcpdump started
seeing replies to the remote dynamic ip machine, and the vpn came up.
Comment 1 Tomasz Kepczynski 2003-04-25 10:51:34 UTC 
The problem seems to be related to default setting of ME in ifup-cipcb. When no
ME is specified in options file and ifcfg file if is assigned 0.0.0.0. I would
then expect cipe demon to listen on all interfaces but it instead listens on
loopback interface which doesn't really make a lot of sense.
This was discovered on RH 7.3.
Comment 2 Bill Nottingham 2006-08-07 17:41:28 UTC 
Red Hat Linux is no longer supported by Red Hat, Inc. If you are still
running Red Hat Linux, you are strongly advised to upgrade to a
current Fedora Core release or Red Hat Enterprise Linux or comparable.
Some information on which option may be right for you is available at
http://www.redhat.com/rhel/migrate/redhatlinux/.

Red Hat apologizes that these issues have not been resolved yet. We do
want to make sure that no important bugs slip through the cracks.
Please check if this issue is still present in a current Fedora Core
release. If so, please change the product and version to match, and
check the box indicating that the requested information has been
provided. Note that any bug still open against Red Hat Linux on will be
closed as 'CANTFIX' on September 30, 2006. Thanks again for your help.
Comment 3 Bill Nottingham 2006-10-18 14:41:42 UTC 
Red Hat Linux is no longer supported by Red Hat, Inc. If you are still
running Red Hat Linux, you are strongly advised to upgrade to a
current Fedora Core release or Red Hat Enterprise Linux or comparable.
Some information on which option may be right for you is available at
http://www.redhat.com/rhel/migrate/redhatlinux/.

Closing as CANTFIX.
Note You need to log in before you can comment on or make changes to this bug.