[Bug 332606] [NEW] Racoon 0.7 fails with address already in use

Martin Fuzzey mfuzzey at gmail.com
Sat Feb 21 17:59:45 GMT 2009 

Public bug reported:

Binary package hint: ipsec-tools

after upgrading from 8.04 to 8.10 (racoon 1:0.6.7-1ubuntu1 to
1:0.7-2.1ubuntu1) ipsec connections fail with these lines in the log:

Feb 21 16:04:15 portableHP racoon: INFO: ISAKMP-SA established 192.168.10.10[4500]-81.80.172.213[4500] spi:0574a13bd4c8aefe:e2d8e1c7f55e62cb 
Feb 21 16:04:15 portableHP racoon-parkeon-phase1-up.sh: Starting
Feb 21 16:04:15 portableHP racoon-parkeon-phase1-up.sh: LOCAL_ADDR = 192.168.10.10
Feb 21 16:04:15 portableHP racoon-parkeon-phase1-up.sh: LOCAL_PORT = 4500
Feb 21 16:04:15 portableHP racoon-parkeon-phase1-up.sh: REMOTE_ADDR = 81.80.172.213
Feb 21 16:04:15 portableHP racoon-parkeon-phase1-up.sh: REMOTE_PORT = 4500
Feb 21 16:04:15 portableHP racoon-parkeon-phase1-up.sh: DEFAULT_GW = 192.168.10.2
Feb 21 16:04:15 portableHP racoon-parkeon-phase1-up.sh: INTERNAL_ADDR4 = 192.168.190.12
Feb 21 16:04:15 portableHP racoon-parkeon-phase1-up.sh: INTERNAL_DNS4 = 192.168.76.215
Feb 21 16:04:15 portableHP racoon-parkeon-phase1-up.sh: Setting up resolv.conf
Feb 21 16:04:15 portableHP racoon-parkeon-phase1-up.sh: Setting up routes
Feb 21 16:04:16 portableHP racoon: NOTIFY: NAT-T is enabled, autoconfiguring ports 
Feb 21 16:04:16 portableHP racoon: ERROR: failed to bind to address 127.0.0.1[500] (Address already in use). 
Feb 21 16:04:16 portableHP racoon: ERROR: failed to bind to address 127.0.0.1[4500] (Address already in use). 
Feb 21 16:04:16 portableHP racoon: ERROR: failed to bind to address 192.168.10.10[500] (Address already in use). 
Feb 21 16:04:16 portableHP racoon: ERROR: failed to bind to address 192.168.10.10[4500] (Address already in use). 

ie just after the phase 1 completes [ the racoon-parkeon stuff is
generated by my scripts]

The problem has already been fixed upstream (in their CVS) but not yet
released even in 0.7.1

Applying the patch ipsec-tools-0.7-cvs-iface.patch contained in the tgz
dowloadable from https://bugzilla.redhat.com/show_bug.cgi?id=273261
fixes the problem.

For convenience I'm attaching the patch here too.

If there will be no new upstream release soon could this patch be
applied by ubuntu (or debian) as redhat have done?

Cheers,

Martin

** Affects: ipsec-tools (Ubuntu)
     Importance: Undecided
         Status: New

-- 
Racoon 0.7 fails with address already in use
https://bugs.launchpad.net/bugs/332606
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ipsec-tools in ubuntu.

More information about the Ubuntu-server-bugs mailing list