[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: isakmpd & "DELETE" message
On Sat, 12 Jun 1999, Håkan Olsson wrote:
> On Fri, 11 Jun 1999 henric@ncal.verio.com wrote:
>
> >
> > I'm trying to set up a VPN between my home box/private home network and
> > my work network. Everything seems to work for a while, but then I start
> > getting log messages like the following:
> >
> > Jun 11 13:35:53 box isakmpd: pf_key_v2_delete_spi: DELETE: No such
> > process
> > Jun 11 13:35:53 box last message repeated 3 times
> >
>
> Hi.
>
> The message you are seeing is isakmpd trying to clean up old SPIs that the
> kernel already has expired. I.e it is not an error, just a "notice". (We
> probably will change that message to be visible only when using the
> debugging flags.)
>
> The VPN itself should still be working, right?
It works just fine. However, the daemon does babble a lot. For example,
here's my current /var/log/messages (not a peep out of anything other than
isakmpd):
Jun 11 15:00:02 windfall newsyslog[17061]: logfile turned over
Jun 11 15:00:02 windfall syslogd: restart
Jun 11 15:06:52 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 15:06:52 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 15:07:37 windfall isakmpd: exchange_run: unexpected payload HASH
Jun 11 15:07:37 windfall isakmpd: exchange_run: unexpected payload DELETE
Jun 11 15:07:37 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 15:07:37 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 15:15:52 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 15:16:13 windfall last message repeated 5 times
Jun 11 15:20:07 windfall isakmpd: message_recv: invalid cookie(s)
[*** hex stuff was here ***]
Jun 11 15:20:07 windfall isakmpd: dropped message from 1.0.0.1 port
500 due to notification type INVALID_COOKIE
Jun 11 15:25:13 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 15:25:14 windfall last message repeated 3 times
Jun 11 15:33:40 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 15:42:41 windfall last message repeated 9 times
Jun 11 15:51:29 windfall last message repeated 4 times
Jun 11 15:59:42 windfall last message repeated 2 times
Jun 11 16:00:02 windfall syslogd: restart
Jun 11 16:00:28 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 16:00:28 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 16:08:16 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 16:09:03 windfall last message repeated 3 times
Jun 11 16:12:51 windfall isakmpd: exchange_run: unexpected payload HASH
Jun 11 16:12:51 windfall isakmpd: exchange_run: unexpected payload DELETE
Jun 11 16:17:16 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 16:17:56 windfall last message repeated 4 times
Jun 11 16:17:56 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 16:17:56 windfall isakmpd: exchange_run: unexpected payload HASH
Jun 11 16:17:56 windfall isakmpd: exchange_run: unexpected payload DELETE
Jun 11 16:26:17 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 16:26:52 windfall last message repeated 4 times
Jun 11 16:26:52 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 16:35:50 windfall last message repeated 6 times
Jun 11 16:52:56 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 17:01:40 windfall last message repeated 3 times
Jun 11 17:01:40 windfall isakmpd: exchange_run: unexpected payload HASH
Jun 11 17:01:40 windfall isakmpd: exchange_run: unexpected payload DELETE
Jun 11 17:02:09 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Jun 11 17:02:09 windfall isakmpd: pf_key_v2_delete_spi: DELETE: No such
process
Hmmm... What's with the "unexpected payload" stuff? Or the "invalid
cookie"? Something I should be worried about?
I added it to a box running ipf/ipnat and everything just did The Right
Thing(TM). I suppose I have my M$ exposure to thank for my surprise...
Thanks for your time. And thanks to everyone for the effort put into this
stuff.
-------- Henric Jungheim ------------------- henric@aimnet.com --------