[Openswan dev] [PATCH] Incorrect automatic route via ipsec0

Bart Trojanowski bart at jukie.net
Mon Oct 25 11:49:00 EDT 2010


* Roel van Meer <rolek at bokxing.nl> [101025 08:10]:
> Note: in order to avoid adding confusion to an already long and
> confusing thread: I think your comments are based on a version of a
> patch I submitted but which has been replaced by a different
> version. In that light most of it is no longer relevant, since the
> new patch removes the metric bumping code altogether.

I've been caught red handed, and guilty of not reading the entire
thread.  Now that I've reviewed the rest, I agree with your findings.

I am not sure why we ever created the virtual interface with a mask
other than /32.  Maybe just to avoid confusion.  It would make sense to
me to just assign it the address, but like Harald I worry that we might
create other problems.

I've reworked your patch a bit to remove the assignment of the
broadcast, and peer addresses from the virtual interface.  That's
attached.

I think that should still work for you, and I need to do some more
testing.

Sorry about the confusion, and thanks for taking time to explain it
(again).

-Bart

-- 
				WebSig: http://www.jukie.net/~bart/sig/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-fix-interface-parsing-in-getinterfaceinfo.patch
Type: text/x-diff
Size: 1439 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/dev/attachments/20101025/c8156b64/attachment.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-KLIPS-avoid-routes-towards-virtual-ipsecN-interface.patch
Type: text/x-diff
Size: 3293 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/dev/attachments/20101025/c8156b64/attachment-0001.bin 


More information about the Dev mailing list