[Openswan Users] virtual ethernet interface & Openswan - Bug?

Wimmer, Tobias Wimmer at Saynet.de
Mon Jul 12 13:48:11 CEST 2004


Hi,

I found the following strange (at least to me) problem on my FC2 box
with a 2.6 kernel. 
I have a static public IP address bound to eth0. On eth1 I have two
private IP addresses, respectively:

eth1 - 192.168.1.1/24
eth1:1 - 192.168.2.1/24

Roadwarrior connections to the gateway work without a problem but I have
to configure a persistent tunnel to a remote gateway. 

Now every time I define a connection with the option "auto=start" the
tunnel negotiation works as expected, but as soon as the tunnel is up
OpenSWAN starts sending ESP packets with the source IP address of the
virtual ethernet interface 192.168.2.1.

Another funny thing I found is that even when I take down eth1:1
Openswan keeps sending ESP packets from that IP (with or without
restarting openswan). The only way to bypass this is to deactivate the
virtual interface on boot and restart the Linux box.

Why is this happening? Is this a known issue (I didn't find anything
about this on the net)? Is it a bug or is it something that comes from
design limitations (i.e. with 2.6 kernel versions)? 

Any hints on this? (If some debug output is needed please let me know)

Regards,

Tobias Wimmer

