current state of IPSec VTI related to lost TCP traffic - open FreeBSD Bug #242744

Started by igpit, February 12, 2021, 10:10:45 AM

hello,

AFAIK ipsec VTI is usable in opnsense but there still seems to be a major open bug:

IPSec in transport mode between FreeBSD hosts blackholes TCP traffic
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=242744

the corresponding opnsense issue has been closed due to inactivity 03-2020
https://github.com/opnsense/core/issues/3674

... only in transport mode? i think this happened to us in tunnel mode...

... shouldn't this bug be listed as known issue? or is there a workaround implemented in opnsense by now?

The bug can be reopened when we have a way to know what should be fixed. If the fix needs to be produced by FreeBSD, there isn't much we can do either. We simply can't keep hundreds of tickets open where nothing happens for months due to any possible reason.


Cheers,
Franco