Posted: Sun Jun 21, 2020 3:15 Post subject: Cannot add XFRM or VTI Interfaces
Hello,
What is the correct syntax to add XFRMI or VTI interfaces?
root@DD-WRT:~# ip link add xfrm0 type xfrm dev ipsec0 if_id 42
ip: RTNETLINK answers: Not supported
root@DD-WRT:~# ip link add vti0 type vti dev ipsec0 if_id 42
ip: RTNETLINK answers: Not supported
root@DD-WRT:~#
Or perhaps I'm missing a module?
DD-WRT v3.0-r40854 std (08/29/19)
Linux DD-WRT 4.4.190 #1092 SMP Thu Aug 29 11:32:59 +04 2019 armv7l DD-WRT
[ EDIT ] ----------------------------------
BACKGROUND
Configuring StrongSwan on DD-WRT. Everything works fine and tunnels are created however I can't ping or access REMOTE VM's.
( Why is xfrm6_tunnel.ko installed but xfrm4_tunnel.ko missing? Should it even be there in the kernel image? )
Pinging, ssh etc access works find from REMOTE to LOCAL. But not LOCAL to REMOTE with strongswan-kernel-libipsec included. This I find odd because it seems to indicate the Remote to Strongswan connection is fine, just routing and forwarding packets from the DD-WRT router over to the Remote instances isn't working. Tried a tcpdump, but no reply:
root@DD-WRT:~# tcpdump -i ipsec0 -s 0 -n
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ipsec0, link-type RAW (Raw IP), snapshot length 262144 bytes
08:44:28.318516 IP 100.100.100.100 > 10.10.0.4: ICMP echo request, id 36426, seq 0, length 64
08:44:29.325741 IP 100.100.100.100 > 10.10.0.4: ICMP echo request, id 36426, seq 1, length 64
What's also interesting, is that with this new config:
However, I don't see anything going further than the ipsec0 interface that ipsec creates when starting up. It's a bit of a black box between there and the remote machine.
The only time I couldn't ping from REMOTE to LOCAL is when I was missing these F/W rules.
Thinking something similar was needed but for the reverse. Still looking at some StrongSwan recommendations to add XFRM, VTI or GRE interfaces, however, I get:
root@DD-WRT:~# ip link add xfrm0 type xfrm dev ipsec0 if_id 42
ip: RTNETLINK answers: Not supported
root@DD-WRT:~# ip link add vti0 type vti dev ipsec0 if_id 42
ip: RTNETLINK answers: Not supported
root@DD-WRT:~#
Trying GRE but:
root@DD-WRT:~# ip tunnel add ipsec01 local 100.100.100.100 remote 123.123.123.123 mode gre
ip: ioctl 0x89f1 failed: No such device
root@DD-WRT:~#
root ~ linux-2.6.23 make modules
ccache: error: execv of /xfs/toolchains/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc failed: No such file or directory
scripts/kconfig/conf -s arch/mips/Kconfig
drivers/mtd/devices/Kconfig:8:warning: leading whitespace ignored
.config:816:warning: trying to assign nonexistent symbol MADWIFI
.config:991:warning: trying to assign nonexistent symbol USB_EHCI_SPLIT_ISO
.config:1093:warning: trying to assign nonexistent symbol USB_BERRY_CHARGE
*
* Restart config...
*
*
* Support for Broadcom MIPS based boards
*
Support for Broadcom BCM947XX (BCM947XX) [Y/n] y
Support for Broadcom BCM47XX processors (BCM47XX) [Y/n] y
Nvram size 60k (NVRAM_60K) [N/y] (NEW) y
Nvram size 64k (NVRAM_64K) [N/y] (NEW) y
Support for Using DSCP based IP forwarding (BCMIPDSCP) [N/y] n
Support for performance profiling (HND_BMIPS3300_PROF) [N/y] n
*
* Networking options
*
Packet socket (PACKET) [Y/n/m/?] y
Packet socket: mmapped IO (PACKET_MMAP) [Y/n/?] y
Unix domain sockets (UNIX) [Y/n/m/?] y
Transformation user configuration interface (XFRM_USER) [N/m/y/?] (NEW) y
Transformation sub policy support (EXPERIMENTAL) (XFRM_SUB_POLICY) [N/y/?] (NEW) y
Transformation migrate database (EXPERIMENTAL) (XFRM_MIGRATE) [N/y/?] (NEW) y
PF_KEY sockets (NET_KEY) [N/m/y/?] n
PF_RING sockets (EXPERIMENTAL) (RING) [Y/n/m/?] y
TCP/IP networking (INET) [Y/n/?] y
IP: multicasting (IP_MULTICAST) [Y/n/?] y
IP: advanced router (IP_ADVANCED_ROUTER) [Y/n/?] y
Choose IP: FIB lookup algorithm (choose FIB_HASH if unsure)
> 1. FIB_HASH (ASK_IP_FIB_HASH)
2. FIB_TRIE (IP_FIB_TRIE)
choice[1-2]: 1
IP: policy routing (IP_MULTIPLE_TABLES) [Y/n/?] y
IP: equal cost multipath (IP_ROUTE_MULTIPATH) [Y/n/?] y
IP: verbose route monitoring (IP_ROUTE_VERBOSE) [N/y/?] n
IP: kernel level autoconfiguration (IP_PNP) [N/y/?] n
IP: tunneling (NET_IPIP) [Y/n/m/?] y
IP: GRE tunnels over IP (NET_IPGRE) [Y/n/m/?] y
IP: broadcast GRE over IP (NET_IPGRE_BROADCAST) [Y/n/?] y
IP: ethernet-in-IP tunneling (NET_ETHERIP) [N/m/y/?] (NEW) y
IP: multicast routing (IP_MROUTE) [Y/n/?] y
IP: PIM-SM version 1 support (IP_PIMSM_V1) [Y/n/?] y
IP: PIM-SM version 2 support (IP_PIMSM_V2) [Y/n/?] y
IP: ARP daemon support (EXPERIMENTAL) (ARPD) [N/y/?] n
IP: TCP syncookie support (disabled per default) (SYN_COOKIES) [Y/n/?] y
IP: AH transformation (INET_AH) [N/m/y/?] n
IP: ESP transformation (INET_ESP) [N/m/y/?] n
IP: IPComp transformation (INET_IPCOMP) [N/m/y/?] n
IP: IPsec transport mode (INET_XFRM_MODE_TRANSPORT) [Y/n/m/?] (NEW) Y
IP: IPsec tunnel mode (INET_XFRM_MODE_TUNNEL) [Y/n/m/?] (NEW) Y
IP: IPsec BEET mode (INET_XFRM_MODE_BEET) [Y/n/m/?] (NEW) Y
INET: socket monitoring interface (INET_DIAG) [Y/n/m/?] y
TCP: MD5 Signature Option support (RFC2385) (EXPERIMENTAL) (TCP_MD5SIG) [N/y/?] n
The IPv6 protocol (IPV6) [M/n/y/?] m
IPv6: Privacy Extensions support (IPV6_PRIVACY) [Y/n/?] y
IPv6: Router Preference (RFC 4191) support (IPV6_ROUTER_PREF) [Y/n/?] y
IPv6: Route Information (RFC 4191) support (EXPERIMENTAL) (IPV6_ROUTE_INFO) [Y/n/?] y
IPv6: Enable RFC 4429 Optimistic DAD (EXPERIMENTAL) (IPV6_OPTIMISTIC_DAD) [Y/n/?] y
IPv6: AH transformation (INET6_AH) [N/m/?] n
IPv6: ESP transformation (INET6_ESP) [N/m/?] n
IPv6: IPComp transformation (INET6_IPCOMP) [N/m/?] n
IPv6: Mobility (EXPERIMENTAL) (IPV6_MIP6) [N/m/?] n
IPv6: IPsec transport mode (INET6_XFRM_MODE_TRANSPORT) [M/n/?] (NEW) M
IPv6: IPsec tunnel mode (INET6_XFRM_MODE_TUNNEL) [M/n/?] (NEW) M
IPv6: IPsec BEET mode (INET6_XFRM_MODE_BEET) [M/n/?] (NEW) M
IPv6: MIPv6 route optimization mode (EXPERIMENTAL) (INET6_XFRM_MODE_ROUTEOPTIMIZATION) [N/m/?] (NEW) m
IPv6: IPv6-in-IPv4 tunnel (SIT driver) (IPV6_SIT) [M/n/?] m
IPv6: IPv6-in-IPv6 tunnel (IPV6_TUNNEL) [N/m/?] n
IPv6: Multiple Routing Tables (IPV6_MULTIPLE_TABLES) [N/y/?] n
Security Marking (NETWORK_SECMARK) [Y/n/?] y
*
* Core Netfilter Configuration
*
Netfilter netlink interface (NETFILTER_NETLINK) [Y/n/m/?] y
Netfilter NFQUEUE over NFNETLINK interface (NETFILTER_NETLINK_QUEUE) [Y/n/m/?] y
Netfilter LOG over NFNETLINK interface (NETFILTER_NETLINK_LOG) [Y/n/m/?] y
Netfilter connection tracking support (NF_CONNTRACK_ENABLED) [Y/n/m/?] y
Connection tracking flow accounting (NF_CT_ACCT) [Y/?] y
Connection mark tracking support (NF_CONNTRACK_MARK) [Y/?] y
Connection tracking security mark support (NF_CONNTRACK_SECMARK) [Y/n/?] y
Connection tracking events (EXPERIMENTAL) (NF_CONNTRACK_EVENTS) [Y/n/?] y
SCTP protocol connection tracking support (EXPERIMENTAL) (NF_CT_PROTO_SCTP) [Y/n/m/?] y
UDP-Lite protocol connection tracking support (EXPERIMENTAL) (NF_CT_PROTO_UDPLITE) [Y/n/m/?] y
Amanda backup protocol support (NF_CONNTRACK_AMANDA) [Y/n/m/?] y
FTP protocol support (NF_CONNTRACK_FTP) [Y/n/m/?] y
H.323 protocol support (EXPERIMENTAL) (NF_CONNTRACK_H323) [M/n/?] m
IRC protocol support (NF_CONNTRACK_IRC) [Y/n/m/?] y
NetBIOS name service protocol support (EXPERIMENTAL) (NF_CONNTRACK_NETBIOS_NS) [Y/n/m/?] y
PPtP protocol support (NF_CONNTRACK_PPTP) [M/n/y/?] m
SANE protocol support (EXPERIMENTAL) (NF_CONNTRACK_SANE) [N/m/y/?] n
SIP protocol support (EXPERIMENTAL) (NF_CONNTRACK_SIP) [N/m/y/?] n
TFTP protocol support (NF_CONNTRACK_TFTP) [Y/n/m/?] y
Connection tracking netlink interface (EXPERIMENTAL) (NF_CT_NETLINK) [Y/n/m/?] y
Netfilter Xtables support (required for ip_tables) (NETFILTER_XTABLES) [Y/?] y
"CLASSIFY" target support (NETFILTER_XT_TARGET_CLASSIFY) [Y/n/m/?] y
"CONNMARK" target support (NETFILTER_XT_TARGET_CONNMARK) [Y/n/m/?] y
"DSCP" target support (NETFILTER_XT_TARGET_DSCP) [Y/n/m/?] y
"MARK" target support (NETFILTER_XT_TARGET_MARK) [Y/n/m/?] y
"NFQUEUE" target Support (NETFILTER_XT_TARGET_NFQUEUE) [Y/n/m/?] y
"NFLOG" target support (NETFILTER_XT_TARGET_NFLOG) [Y/n/m/?] y
"NOTRACK" target support (NETFILTER_XT_TARGET_NOTRACK) [Y/n/m/?] y
"TRACE" target support (NETFILTER_XT_TARGET_TRACE) [N/m/y/?] n
"SECMARK" target support (NETFILTER_XT_TARGET_SECMARK) [Y/n/m/?] y
"CONNSECMARK" target support (NETFILTER_XT_TARGET_CONNSECMARK) [Y/n/m/?] y
"TCPMSS" target support (NETFILTER_XT_TARGET_TCPMSS) [Y/n/m/?] y
"comment" match support (NETFILTER_XT_MATCH_COMMENT) [Y/n/m/?] y
"connbytes" per-connection counter match support (NETFILTER_XT_MATCH_CONNBYTES) [Y/n/m/?] y
"connlimit" match support" (NETFILTER_XT_MATCH_CONNLIMIT) [Y/n/m/?] y
"connmark" connection mark match support (NETFILTER_XT_MATCH_CONNMARK) [M/n/y/?] m
"conntrack" connection tracking match support (NETFILTER_XT_MATCH_CONNTRACK) [Y/n/m/?] y
"DCCP" protocol match support (NETFILTER_XT_MATCH_DCCP) [Y/n/m/?] y
"DSCP" match support (NETFILTER_XT_MATCH_DSCP) [Y/n/m/?] y
"ESP" match support (NETFILTER_XT_MATCH_ESP) [Y/n/m/?] y
"helper" match support (NETFILTER_XT_MATCH_HELPER) [Y/n/m/?] y
"length" match support (NETFILTER_XT_MATCH_LENGTH) [Y/n/m/?] y
"limit" match support (NETFILTER_XT_MATCH_LIMIT) [Y/n/m/?] y
"mac" address match support (NETFILTER_XT_MATCH_MAC) [M/n/y/?] m
"mark" match support (NETFILTER_XT_MATCH_MARK) [M/n/y/?] m
IPsec "policy" match support (NETFILTER_XT_MATCH_POLICY) [N/m/y/?] (NEW) y
Multiple port match support (NETFILTER_XT_MATCH_MULTIPORT) [Y/n/m/?] y
"physdev" match support (NETFILTER_XT_MATCH_PHYSDEV) [N/m/y/?] n
"pkttype" packet type match support (NETFILTER_XT_MATCH_PKTTYPE) [Y/n/m/?] y
"quota" match support (NETFILTER_XT_MATCH_QUOTA) [Y/n/m/?] y
"realm" match support (NETFILTER_XT_MATCH_REALM) [Y/n/m/?] y
"sctp" protocol match support (EXPERIMENTAL) (NETFILTER_XT_MATCH_SCTP) [Y/n/m/?] y
"state" match support (NETFILTER_XT_MATCH_STATE) [Y/n/m/?] y
"statistic" match support (NETFILTER_XT_MATCH_STATISTIC) [Y/n/m/?] y
"string" match support (NETFILTER_XT_MATCH_STRING) [Y/n/m/?] y
"tcpmss" match support (NETFILTER_XT_MATCH_TCPMSS) [Y/n/m/?] y
"u32" match support (NETFILTER_XT_MATCH_U32) [Y/n/m/?] y
"hashlimit" match support (NETFILTER_XT_MATCH_HASHLIMIT) [Y/n/m/?] y
Asynchronous Transfer Mode (ATM) (EXPERIMENTAL) (ATM) [N/m/y/?] n
802.1d Ethernet Bridging (BRIDGE) [Y/n/m/?] y
802.1Q VLAN Support (VLAN_8021Q) [Y/n/m/?] y
DECnet Support (DECNET) [N/m/y/?] n
ANSI/IEEE 802.2 LLC type 2 Support (LLC2) [N/m/y/?] n
The IPX protocol (IPX) [N/m/y/?] n
Appletalk protocol support (ATALK) [N/m/y/?] n
CCITT X.25 Packet Layer (EXPERIMENTAL) (X25) [N/m/y/?] n
LAPB Data Link Driver (EXPERIMENTAL) (LAPB) [N/m/y/?] n
Acorn Econet/AUN protocols (EXPERIMENTAL) (ECONET) [N/m/y/?] n
WAN router (WAN_ROUTER) [N/m/y/?] n
#
# configuration written to .config
#
ccache: error: execv of /xfs/toolchains/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc failed: No such file or directory
ccache: error: execv of /xfs/toolchains/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc failed: No such file or directory
ccache: error: execv of /xfs/toolchains/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc failed: No such file or directory
CHK include/linux/version.h
UPD include/linux/version.h
CHK include/linux/utsrelease.h
UPD include/linux/utsrelease.h
SYMLINK include/asm -> include/asm-mips
CC arch/mips/kernel/asm-offsets.s
ccache: error: execv of /xfs/toolchains/toolchain-mipsel_gcc4.1.2/bin/mipsel-linux-uclibc-gcc failed: No such file or directory
make[1]: *** [arch/mips/kernel/asm-offsets.s] Error 1
make: *** [prepare0] Error 2
root ~ linux-2.6.23 find ./ -iname mipsel-linux-uclibc-gcc*
root ~ linux-2.6.23 find ./ -iname *mipsel-linux-uclibc-gcc*
root ~ linux-2.6.23 pwd
/root/linux-2.6.23
root ~ linux-2.6.23 find ./ -iname *mipsel-linux-uclibc-gcc*
root ~ linux-2.6.23
What's the correct src repo for compiling the Broadcom modules for BCM4708? Tried a few. not working:
Code:
root ~ linux-4.4 history|grep svn
873 yum install svn
874 svn co svn://svn.dd-wrt.com/browser/src/linux/brcm/linux.v24_2
875 svn co svn://svn.dd-wrt.com/browser/src/linux/brcm/
876 svn co https://svn.dd-wrt.com/browser/src/linux/brcm/
877 svn co http://svn.dd-wrt.com/browser/src/linux/brcm/
878 svn co https://svn.dd-wrt.com/browser/src/linux/brcm/linux.v24_2
879 svn co svn://svn.dd-wrt.com/DD-WRT/src/linux/brcm/linux-2.6.23
880 svn co svn://svn.dd-wrt.com/DD-WRT/src/linux/brcm/linux/linux.v24_2
881 svn co svn://svn.dd-wrt.com/DD-WRT/src/linux/brcm/linux.v24_2
891 svn co svn://svn.dd-wrt.com/DD-WRT/src/linux/brcm/linux.v24
1060 history|grep svn
1062 svn co https://svn.dd-wrt.com/browser/src/linux/universal/linux-4.4
1063 svn co https://svn.dd-wrt.com/DD-WRT/src/linux/universal/linux-4.4
1064 svn co httpssvn://svn.dd-wrt.com/DD-WRT/src/linux/universal/linux-4.4
1065 svn co svn://svn.dd-wrt.com/DD-WRT/src/linux/universal/linux-4.4
1108 history|grep svn
root ~ linux-4.4 make config
Makefile:534: arch//Makefile: No such file or directory
make: *** No rule to make target `arch//Makefile'. Stop.
root ~ linux-4.4 make clean
Makefile:632: arch//Makefile: No such file or directory
make: *** No rule to make target `arch//Makefile'. Stop.
root ~ linux-4.4
root ~ linux-4.4 make modules
Makefile:632: arch//Makefile: No such file or directory
make: *** No rule to make target `arch//Makefile'. Stop.
root ~ linux-4.4
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Wed Jun 24, 2020 12:52 Post subject:
v3.0-r40854 is an old build...and Kong builds ware ok with SSW and IPsec but not BS builds......according to the SVN IPsec and SSw... things ware WIP by that time try a newer build...it may help...
I guess you use R7000... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
And I really need OSPF. Do you gentlemen know if FRRouting has been tested on any of the newer versions since I posted the two above?
This is what I have:
Asus RT-AC68U
Firmware Version DD-WRT v3.0-r40854 std (08/29/19)
Linux 4.4.190 #1092 SMP Thu Aug 29 11:32:59 +04 2019 armv7l
Broadcom BCM4708
I'll try OpenWRT later tonight. Now do you mean there could be a direct links to where I can at least find the xfrm_user.ko modules off their site or do you mean I would have to source and compile off their page? What would be the link?
Also, what would be the correct SVN link and toolchains to successfully compile off the DD-WRT sources? Ones I tried above weren't working.
Joined: 08 May 2018 Posts: 14221 Location: Texas, USA
Posted: Wed Jun 24, 2020 13:22 Post subject:
Almost thought I misspoke about the OpenWRT capability. The kmod packages listed in this directory are the ones that are available for k4.4 Broadcom ARM:
not realizing what you mentioned. But taking a closer look, I see what you mean now. Sorry totally missed one is ARM the other is MIPS. ( I blame useless meetings for this.)
root@DD-WRT:/opt# ipkg list kmod-ipsec4_4.4.182-1_arm_cortex-a9.ipk
ERROR: File not found: //usr/local/lib/ipkg/lists/bluering
You probably want to run `ipkg update'
root@DD-WRT:/opt#
root@DD-WRT:/opt#
root@DD-WRT:/opt# ipkg files kmod-ipsec4_4.4.182-1_arm_cortex-a9.ipk
root@DD-WRT:/opt# echo $?
0
root@DD-WRT:/opt# ipkg update
mkdir: can't create directory '//usr/local/lib/': Read-only file system
root@DD-WRT:/opt#
Hmm, looks like I'll have to spend some time reading about ipkg (not configured, yet) vs opkg (works, configured). Couldn't list the contents. Still, it installed ok.
Code:
root@DD-WRT:/opt# df -h
Filesystem Size Used Available Use% Mounted on
/dev/root 26.1M 26.1M 0 100% /
/dev/mtdblock/4 96.0M 2.4M 93.6M 2% /jffs
/dev/sda 3.8G 53.8M 3.5G 1% /opt
root@DD-WRT:/opt#
Code:
root@DD-WRT:/jffs# ipkg -d root install /opt/kmod-ipsec4_4.4.182-1_arm_cortex-a9.ipk
ERROR: File not found: //usr/local/lib/ipkg/lists/bluering
You probably want to run `ipkg update'
Unpacking kmod-ipsec4...Done.
Configuring kmod-ipsec4...Done.
root@DD-WRT:/jffs#
Hmm, nope. Loading /jffs/lib/modules/4.4.182/xfrm4_tunnel.ko is fine.
But when typing lsmod, that is when it crashes:
Code:
Message from syslogd@dd-wrt.mds.xyz at Jun 24 21:28:20 ...
kernel: Internal error: Oops - BUG: 7 [#1] SMP ARM
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: Process lsmod (pid: 27046, stack limit = 0x8785a190)
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: Stack: (0x8785be38 to 0x8785c000)
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: be20: 8785be80 8785bf78
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: be40: 8785be64 85ef2880 7fb5e384 00000000 00000000 85d2e280 8785bebc 8785be68
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: be60: 800efeb8 80091f84 00000000 00000000 8785bf78 76f615d8 85ef28b0 00000400
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: be80: 00000000 00000000 00000000 00000000 00000000 800efc90 87b83580 00000000
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: bea0: 00000000 00000001 00000000 00000000 8785bedc 8785bec0 80113ec8 800efc9c
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: bec0: 85d2e280 80113e60 8785bf78 8785bf78 8785bf44 8785bee0 800cc288 80113e6c
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: bee0: 00000000 00000000 00000000 00000000 00000000 72610000 6c37766d 00000000
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: bf00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: bf20: 85d2e280 85d2e280 00000400 85d2e280 76f615d8 8785bf78 8785bf74 8785bf48
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: bf40: 800ccb88 800cc264 00000000 00000000 85d2e280 85d2e280 00000400 76f615d8
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: bf60: 00000000 00000000 8785bfa4 8785bf78 800cd41c 800ccb14 00000000 00000000
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: bf80: 76f61540 00000001 7e89db7f 00000003 80009744 8785a000 00000000 8785bfa8
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: bfa0: 80009580 800cd3d0 76f61540 00000001 00000003 76f615d8 00000400 00000000
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: bfc0: 76f61540 00000001 7e89db7f 00000003 76f619f0 00000000 00000000 00000002
Message from syslogd@192.168.0.6 at Jun 24 21:28:20 ...
kernel: bfe0: 76ffb33c 7e89db50 76fc397c 76fc361c 60000010 00000003 00000000 00000000
Code:
Jun 24 22:01:44 dd-wrt charon: 16[NET] received packet: from 123.123.123.123[4500] to 100.100.100.100[4500] (76 bytes)
Jun 25 02:23:37 dd-wrt kernel: Unable to handle kernel paging request at virtual address ff6cc7f0
Jun 25 02:23:37 dd-wrt kernel: pgd = 85f1c000
Jun 25 02:23:37 dd-wrt kernel: [ff6cc7f0] *pgd=07b1d811, *pte=00000000, *ppte=00000000
Jun 24 22:23:37 dd-wrt charon: 16[NET] received packet: from 123.123.123.123[4500] to 100.100.100.100[4500] (76 bytes)
Jun 24 22:23:37 dd-wrt charon: 16[ENC] parsed INFORMATIONAL request 597 [ ]
Jun 24 22:23:37 dd-wrt charon: 16[ENC] generating INFORMATIONAL response 597 [ ]
Jun 24 22:23:37 dd-wrt charon: 16[NET] sending packet: from 100.100.100.100[4500] to 123.123.123.123[4500] (76 bytes)
Jun 25 02:23:37 dd-wrt kernel: Internal error: Oops - BUG: 7 [#1] SMP ARM
Jun 25 02:23:37 dd-wrt kernel: Modules linked in: xfrm4_mode_tunnel nf_nat_pptp nf_conntrack_pptp nf_nat_proto_gre nf_conntrack_proto_gre xt_opendpi tun fast_classifier ext4 jbd2 mbcache crc16 jffs2 lzo_decompress lzo_compress lzma_decompress(P) lzma_compress
Jun 25 02:23:37 dd-wrt kernel: CPU: 1 PID: 8064 Comm: lsmod Tainted: P 4.4.190 #1092
Jun 25 02:23:37 dd-wrt kernel: Hardware name: Northstar Prototype
Jun 25 02:23:37 dd-wrt kernel: task: 87224400 ti: 85f62000 task.ti: 85f62000
Jun 25 02:23:37 dd-wrt kernel: PC is at m_show+0x70/0x170
Jun 25 02:23:37 dd-wrt kernel: LR is at vsnprintf+0xac/0x358
Jun 25 02:23:37 dd-wrt kernel: 3e40: 85f63e64 87376c80 7fb66384 00000000 00000000 85f29100 85f63ebc 85f63e68
Jun 24 22:23:50 dd-wrt 2078: 6w4d: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/21, changed state to down
Jun 24 22:23:51 dd-wrt 2079: 6w4d: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/21, changed state to down
Jun 24 22:23:54 dd-wrt 2080: 6w4d: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/21, changed state to up
Jun 24 22:23:54 dd-wrt 2081: 6w4d: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/21, changed state to up
And reconfigured OSPF. Unlike my earlier post, I managed to reconfigure without FRRouting. So it works well again. As for XFRM, no luck. Same situation.