Ubuntu
ipsec-tools package

racoon does not bind to interfaces brought up afterwards

Bug #972786 reported by Kaarle Ritvanen
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ipsec-tools (Ubuntu)
Expired
Low
Unassigned

Bug Description

Release: 11.04
racoon version: 1:0.7.3-12ubuntu1

When a new network interface is brought up, racoon does not bind to its address if already running. Many other daemon packages, such as openssh-server, contain a script in /etc/network/if-up.d to signal or restart the daemon in this situation. I think the racoon package should also come with such a script.

Tags: patch
Revision history for this message
Kaarle Ritvanen (kunkku) wrote :
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "Suggested solution" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu-reviewers team please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

tags: added: patch
James Page (james-page)
Changed in ipsec-tools (Ubuntu):
importance: Undecided → Medium
Marc Cluet (lynxman)
Changed in ipsec-tools (Ubuntu):
assignee: nobody → Marc Cluet (lynxman)
status: New → In Progress
Revision history for this message
James Page (james-page) wrote :

Hi Kaarle

Thanks for taking the time to report this bug.

I've been trying to reproduce your issue on 11.04 but at the moment I see racoon binding to new interfaces as they are started and stopped.

This is with the default configuration.

Is there anything in your config that would prevent this from happening?

Marking Incomplete pending your response.

Thanks

Changed in ipsec-tools (Ubuntu):
status: In Progress → Incomplete
importance: Medium → Low
James Page (james-page)
Changed in ipsec-tools (Ubuntu):
assignee: Marc Cluet (lynxman) → nobody
Revision history for this message
Kaarle Ritvanen (kunkku) wrote :

What kind of test case did you use? If you stop an interface and restart it while racoon is running, racoon has already bound to the IP address of the interface and will work, provided that the interface keeps the same address.

The problem occurs when racoon starts up while an interface is down for some reason and is started after racoon. This can easily happen on a laptop for the wireless interface when the airplane mode is engaged during boot.

Revision history for this message
Kaarle Ritvanen (kunkku) wrote :

I had a discussion on this issue with one of the upstream developers. According to him, racoon should observe the addition of a new IP address via a NETLINK socket, but this functionality is broken in versions prior to 0.8 causing it to fail with some configurations. He also mentioned that there was also a kernel bug related to this, which has since been fixed.

As I plan to upgrade to Precise quite soon, which ships with version 0.8, I think I can live with this bug, so this report can be closed.

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for ipsec-tools (Ubuntu) because there has been no activity for 60 days.]

Changed in ipsec-tools (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.