Text only | Text with Images

OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: igpit on February 12, 2021, 10:10:45 AM

Title: current state of IPSec VTI related to lost TCP traffic - open FreBSD Bug #242744
Post by: igpit on February 12, 2021, 10:10:45 AM
hello,

AFAIK ipsec VTI is usable in opnsense but there still seems to be a major open bug:

IPSec in transport mode between FreeBSD hosts blackholes TCP traffic
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=242744

the corresponding opnsense issue has been closed due to inactivity 03-2020
https://github.com/opnsense/core/issues/3674

... only in transport mode? i think this happened to us in tunnel mode...

... shouldn't this bug be listed as known issue? or is there a workaround implemented in opnsense by now?
Title: Re: current state of IPSec VTI related to lost TCP traffic - open FreBSD Bug #242744
Post by: franco on February 13, 2021, 09:39:53 PM
The bug can be reopened when we have a way to know what should be fixed. If the fix needs to be produced by FreeBSD there isn't much we can do also. We simply can't keep hundreds of tickets open where nothing happens for months due to any possible reason.


Cheers,
Franco
Text only | Text with Images