[Openswan dev] Re: Openswan 2.4.0dr9 multiple defaultroute patch
David McCullough
davidm at snapgear.com
Tue Aug 16 11:48:37 CEST 2005
Jivin mcr at xelerance.com lays it down ...
> -----BEGIN PGP SIGNED MESSAGE-----
>
> >>>>> "David" == David McCullough <davidm at snapgear.com> writes:
> >> defaultinterface() { phys=`netstat -nr | awk '$1 == "0.0.0.0" &&
> >> $3 == "0.0.0.0" { print $NF; exit }'`
> >>
> >> which just prints the first one.
>
> David> Just for reference, we have been using the first entry for a
> David> few years now without problems, all of our gear has multiple
> David> default routes,
>
> Do you have different IPs on the different interfaces?
Yes.
> Do you use %defaultroute in your conns? Do the ESP packets come
> out with the right outer IP?
Yes, and the packets come out the interface that is providing the first
default route with the appropriate IP's.
Cheers,
Davidm
--
David McCullough, davidm at cyberguard.com.au, Custom Embedded Solutions + Security
Ph:+61 734352815 Fx:+61 738913630 http://www.uCdot.org http://www.cyberguard.com
More information about the Dev
mailing list