[Openswan Users] multiple tunnel fails after upgrade, kernel 2.6.8 bug!?

Herbert Xu herbert at gondor.apana.org.au
Tue Sep 7 22:26:26 CEST 2004


On Tue, Sep 07, 2004 at 12:52:52PM +0200, Vik Heyndrickx wrote:
>
> 
> 	  left subnet                       "public" network                    right subnets
>          10.111.111.0/24                     192.168.77.0/24                   10.222.222.0/24
>                                                                                10.222.223.0/24
> +------------+     +-----------------------------+     +---------------------------+     +--------------+
> | left host  |     |        left gateway         |     |       right gateway       |     |  right host  |
> |    eth0    |-----|      eth1        eth0       |-----|      eth0        eth1     |-----|     eth0     |
> |10.111.111.1|     |10.111.111.254 192.168.77.127|     |192.168.77.128 10.222.222.1|     |10.222.222.254|
> |            |     |                             |     |               10.222.223.1|     |10.222.223.254|
> +------------+     +-----------------------------+     +---------------------------+     +--------------+
> 
>                                               IPSEC tunnel
>                             10.111.111.0/24 ================ 10.222.222.0/24
>                                               IPSEC tunnel
>                             10.111.111.0/24 ================ 10.222.223.0/24
> 
> If both tunnels are up, I can ping from left host to 10.222.223.254, but NOT to 10.222.222.254.

Can you ping 10.222.222.1 from the left host?

Please show me the output of setkey -PD and setkey -D.  I'd also like
to see the output of ip ro ls cache just while you're doing an failed
ping.

Thanks,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


More information about the Users mailing list