[Openswan dev] route problem

utkarsh shah utkarsh at elitecore.com
Sat Mar 25 15:51:50 CET 2006


 hi,

i have reported it as bug but if i am wrong please guide me

i am using Linux Openswan U2.4.4/K2.4.5rc4 (klips) version. and ip route version is : ip utility, iproute2-ss020116

i have changed _updown and added IPROUTETABLE="vpnroute" so routes are added in it

i tried to make a manual key connection. it successfully got established. when i disconnected, routes where there as u can see from following lines

[root at manage /root]# ipsec manual --up test_manual-1

[root at manage /root]# ip ru ls
0: from all lookup local 
49: from 183.7.7.0/24 to 180.7.7.0/24 lookup vpnroute 
50: from all lookup main 
151: from 182.7.7.0/24 lookup 151 
152: from 182.7.7.0/24 lookup 152 
153: from 192.168.0.0/20 lookup 153 
221: from all lookup 221 
32766: from all lookup main 
32767: from all lookup 253 

[root at manage /root]# ip ro ls table vpnroute
180.7.7.0/24 via 182.7.7.1 dev ipsec0 

[root at manage /root]# ipsec manual --down test_manual-1 

[root at manage /root]# ip ru ls
0: from all lookup local 
50: from all lookup main 
151: from 182.7.7.0/24 lookup 151 
152: from 182.7.7.0/24 lookup 152 
153: from 192.168.0.0/20 lookup 153 
221: from all lookup 221 
32766: from all lookup main 
32767: from all lookup 253 

[root at manage /root]# ip ro ls table vpnroute
180.7.7.0/24 via 182.7.7.1 dev ipsec0 


it above line routes is available but some time even rules were not removed.

one more thing once i created multiple connection between to openswan servers
they had two rules and one route as destination were same. but when i disconnected one route was deleted so my second connection says it is connected but still packets were not transfered. i cheked ip routes & rules and i found such thing. ( its reproducibility is random but more frequent )

Regards,

Utkarsh Shah
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/dev/attachments/20060325/d842be58/attachment-0001.htm


More information about the Dev mailing list