[Openswan dev] Thoughts for phasing out nexthop= settings

Paul Wouters paul at xelerance.com
Tue Feb 3 21:22:53 CET 2004


We have been thinking a bit about the whole "nexthop=" settings for a bit in
the last few days, since we were doing testing on 2.6, where this is a problem.

We believe that for 2.4 and up, the nexthop= settings are no longer neccessary.
Since the current updown scripts already use advanced routing (the "ip" command),
we already broke on 2.2 kernels, which are also the kernels that would be the
ones who still need the nexthop settings.

I'd like to know if anyone can come up with a situation where we still need
a leftnexthop= setting with 2.4 or 2.6 (On either KLIPS of "26sec")

What triggered this discussion was that a simple con like:

right=1.2.3.4
rightrsasigkey=foo
left=2.3.4
leftrsasigkey=bar
auto=start

fails because this defaulst to "%direct" mode, instead of defaulting to
"%defaultroute" mode, where it takes the IP address of the default gateway
and puts that in as leftnexthop.

If no one can come up with one, we will start removing it soon (from OpenSWAN)

Paul



More information about the Dev mailing list