Project

General

Profile

Actions

Bug #3417

closed

racoon crashes after mobile xauth login with fourth DNS server configured

Added by Jim Pingle almost 11 years ago. Updated over 10 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
IPsec
Target version:
Start date:
01/29/2014
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.1
Affected Architecture:
All

Description

If Mobile IPsec is configured to push DNS servers to clients, and you have four DNS servers configured, racoon will crash after a login with a signal 11. If you remove the fourth DNS server and only push three, it's OK.

There is nothing different in racoon.conf about the fourth server, only an additional line.

With three set:

        dns4 192.168.1.1;
        dns4 192.168.1.2;
        dns4 8.8.8.8;

With four set:

        dns4 192.168.1.1;
        dns4 192.168.1.2;
        dns4 8.8.8.8;
        dns4 8.8.4.4;

Racoon log:

Jan 29 09:55:24     racoon: [192.168.2.23] ERROR: notification INITIAL-CONTACT received in aggressive exchange.
Jan 29 09:55:24     racoon: INFO: NAT detected: ME PEER
Jan 29 09:55:24     racoon: INFO: Sending Xauth request
Jan 29 09:55:24     racoon: [Self]: INFO: ISAKMP-SA established 192.168.2.243[4500]-192.168.2.23[4500] spi:2407819ff7cee787:c0a2ff26abc2e3a0
Jan 29 09:55:24     racoon: INFO: Using port 0
Jan 29 09:55:24     racoon: user 'mobileuser1' authenticated
Jan 29 09:55:24     racoon: INFO: login succeeded for user "mobileuser1" 

System log:

Jan 29 09:55:33     kernel: pid 665 (racoon), uid 0: exited on signal 11 (core dumped)

If it's not easily fixable in racoon, we may just want to remove the fourth DNS field support from the GUI and the backend code.

Tested on 2.1, 2.1p1, and 2.1.1 -- same behavior.

Actions

Also available in: Atom PDF