[Openswan Users]
IP address remains for ipsec interface after stopping openswan
Sandor Geller
wildy at balabit.hu
Tue May 2 13:31:51 CEST 2006
Hello,
I encountered the following problem:
With openswan 2.4.5 I'm using an IP alias for the ipsec0 interface. When
I start openswan everything works. However when I stop openswan and
deconfigure the ip alias from the ethernet iterface, the IP address
remains for the ipsec0 interface and the system still responds to ARP
requests, which is my problem - especially because the system is part of
a failover cluster.
As a workaround I set arp_filter to 1, and so far it works.
Is this the intended behaviour? Older (1.x) Openswan versions deleted
the ipsec interfaces while stopping.
Regards,
--
Sandor Geller
wildy at balabit.hu
More information about the Users
mailing list