Sorry for the repost but here it is again :-)
> Hi,
>
> Kernel 2.4.18 and FreeS/WAN 1.97 with the following test setup:
>
>
> --------------
> | Router |
> 10.0.6.1/24 / --------------\ 10.0.5.1/24
> / \
> 10.0.6.3/24 / \ 10.0.5.2/24
> ----------- -------------
> | VPN-A | | VPN-B |
> ----------- -------------
>
> conn test
> leftrsasigkey=0sAQN...
> left=10.0.6.3
> leftsubnet=10.0.10.3/32
> leftnexthop=10.0.6.1
> rightrsasigkey=0sAQN...
> right=10.0.5.2
> rightsubnet=10.0.10.2/32
> rightnexthop=10.0.5.1
>
> 10.0.10.3/32 and 10.0.10.2/32 are actually loopback addresses
> on respectively VPN-A and VPN-B.
>
> I also have OSPF area 0 running on these three devices. After
> bringing up the tunnel the routing table on VPN-A (similar to
> VPN-B) shows this:
>
> 1) 10.0.10.2 via 10.0.6.1 dev ipsec0 src 10.0.10.3
> 2) 10.0.10.2 via 10.0.6.1 dev vlan6 proto zebra metric 20
> 3) 10.0.5.0/24 via 10.0.6.1 dev vlan6 proto zebra metric 20
> 4) 10.0.6.0/24 dev vlan6 proto kernel scope link src 10.0.6.3
> 5) 10.0.6.0/24 dev ipsec0 proto kernel scope link src 10.0.6.3
>
> Number (1) is what I wanted. I can live with (2) because of the
> metric. (3) is OK. (4) is a fact. BUT, what is (5) doing there?
> Isn't this a chicken and egg problem? I don't think that it's
> because of the OSFP, is it?
Actually I just tested without the OSPF bit and I still see (5).
> And how come (5) is never used, in
> other words, the tunnel is up and running and works fine, why?
I have, manually, removed (5) and all is OK. But the question remains
why this route got added in the first place.
>
> Thanks in advance,
> Ramin
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:57 CEST