[Bug 391370] [NEW] Cannot decapsulate IPv6 from ESP since 2.6.27
fredrik at kirei.se
Tue Jun 23 22:25:55 UTC 2009
Public bug reported:
Binary package hint: linux-image
Since linux kernel version 2.6.27 IPv6 packages recieved over IPSEC is
never decapsulated but silently dropped.
It can easily be verified since the module xfrm6_mode_tunnel isn't
inserted when installing a SPD containing policies for IPv6 via setkey.
Even if manually installed via modprobe, it is never used.
The policy itself installs and can be viewed with setkey -DP, but
incoming rules for IPv6 never gets any packages. Outgoing
(encapsulation) is working.
The result of this seems to be total failure of IPv6 over IPSEC for all
kernel versions >= 2.6.27.
Verified working versions:
Verified non-working versions:
** Affects: linux-meta (Ubuntu)
** Summary changed:
- Cannot decapsulate IPv6 från ESP since 2.6.27
+ Cannot decapsulate IPv6 from ESP since 2.6.27
Cannot decapsulate IPv6 from ESP since 2.6.27
You received this bug notification because you are a member of Kernel
Bugs, which is subscribed to linux-meta in ubuntu.
More information about the kernel-bugs