[Openswan Users] leftnexthop ppp fc6
Marek Greško
gresko at thr.sk
Sat Nov 11 06:09:48 EST 2006
Hello,
I found an interresting issue using openswan/netkey on fc6. While I was using
openswan before and had running setup with leftnexthop=%defaultroute I was
quite unhappy after upgrading to fc6 seeing my setup is not working any more.
After some examination I found that using ppp in fc6 there is no G flag in
routing table for default route and therefore openswan does not get
defaultroute in ipsec showdefaults so the leftnexthop=%defaultroute does not
work any more. But when I commented it out e. g. changed to
leftnexthop=%direct everything is working again.
I have two questions:
1. Is it a bug of ppp (or any other component of fc6) that it does not set the
G flag into routing table for default gateway or is it a bug of openswan,
that it does not resolv the default route as default route when the G flag is
not set?
2. Is the solution with leftnexthop=%direct correct? I think yes, because the
routes before was also created as if it was direct (no gateway was filled
in). But maybe it would make some sense when using KLIPS. Can you give me
proper explanation?
Thank you
--
Marek Greško
systémový administrátor
THR Systems, a. s.
More information about the Users
mailing list