[Openswan Users] uproute in _updown script
Marco Berizzi
pupilla at hotmail.com
Fri Feb 17 17:50:38 CET 2006
Ilia Sotnikov wrote:
>On 2/17/06, Marco Berizzi <pupilla at hotmail.com> wrote:
> >
> > Because netkey doesn't have ipsecX virtual devices, there is
> > no need to route traffic to the default gateway interface.
> >
>
>But still could be needed (remember my example with 'src' parameter).
You are right.
I'm using a couple of connections with left-rightsourceip=a.b.c.d.
I've just noticed that when i shutdown osw it doesn't remove those
two static route (openswan version 2.4.5rc4).
root at Electra:/etc/rc.d# ip route sh
a.b.c.d.65 dev eth0 scope link
a.b.c.d.64/27 dev eth1 scope link
172.22.1.0/24 dev eth2 proto kernel scope link src 172.22.1.254
172.18.1.0/24 via a.b.c.d.65 dev eth0
172.25.5.0/24 dev eth0 scope link src 172.22.1.254
172.21.1.0/24 via a.b.c.d.65 dev eth0
172.17.1.0/24 via a.b.c.d.65 dev eth0
172.16.0.0/23 dev eth0 scope link src 172.22.1.254
10.180.0.0/16 via a.b.c.d.65 dev eth0
10.0.0.0/8 via a.b.c.d.65 dev eth0
127.0.0.0/8 dev lo scope link
default via a.b.c.d.65 dev eth0 metric 1
root at Electra:/etc/rc.d# ipsec setup stop
ipsec_setup: Stopping Openswan IPsec...
root at Electra:/etc/rc.d# ip route sh
a.b.c.d.65 dev eth0 scope link
a.b.c.d.64/27 dev eth1 scope link
172.22.1.0/24 dev eth2 proto kernel scope link src 172.22.1.254
172.25.5.0/24 dev eth0 scope link src 172.22.1.254 <---this route isn't
deleted
172.16.0.0/23 dev eth0 scope link src 172.22.1.254 <---this route isn't
deleted
127.0.0.0/8 dev lo scope link
default via a.b.c.d.65 dev eth0 metric 1
More information about the Users
mailing list