Hi,
Kernel 2.4.18 and FreeS/WAN 1.97 with the following test setup:
                      --------------
                      |   Router   |
      10.0.6.1/24   / -------------- \   10.0.5.1/24
                   /                  \
    10.0.6.3/24   /                    \   10.0.5.2/24
        -----------                  -------------
        |  VPN-A  |                  |   VPN-B   |
        -----------                  -------------
conn test
    leftrsasigkey=0sAQN...
    left=10.0.6.3
    leftsubnet=10.0.10.3/32
    leftnexthop=10.0.6.1
    rightrsasigkey=0sAQN...
    right=10.0.5.2
    rightsubnet=10.0.10.2/32
    rightnexthop=10.0.5.1
10.0.10.3/32 and 10.0.10.2/32 are actually loopback addresses
on respectively VPN-A and VPN-B.
I also have OSPF area 0 running on these three devices. After
bringing up the tunnel the routing table on VPN-A (similar to
VPN-B) shows this:
1) 10.0.10.2 via 10.0.6.1 dev ipsec0 src 10.0.10.3
2) 10.0.10.2 via 10.0.6.1 dev vlan6 proto zebra metric 20
3) 10.0.5.0/24 via 10.0.6.1 dev vlan6 proto zebra metric 20
4) 10.0.6.0/24 dev vlan6 proto kernel scope link src 10.0.6.3
5) 10.0.6.0/24 dev ipsec0 proto kernel scope link src 10.0.6.3
Number (1) is what I wanted. I can live with (2) because of the
metric. (3) is OK. (4) is a fact. BUT, what is (5) doing there?
Isn't this a chicken and egg problem? I don't think that it's
because of the OSPF, is it? And how come (5) is never used, in
other words, the tunnel is up and running and works fine, why?
Thanks in advance,
Ramin
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:56 CEST