i had previously been having issues with automount being slow with this
new kernel and i tracked it down to dns delays which were being caused by
ipsec not working. i have spent a few hours poking around and ipsec seems
quite broken with this new kernel. esp packets go in and out just fine,
but when i look at ip xfrm stats on the machine with the new kernel, i see
that for input packets, the ah layer is being processed just fine, but the
esp layer is showing 0 bytes/packets and no errors. i can't find any
errors or other indications of what is going on.
is anyone else running a standard ipsec tunnel (using the standard ifcfg
method for creating the tunnel) under this new kernel? i know that a new
5.2 kernel should be coming soon, but i worry that whatever broke this
version may happen there as well.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
