[Openswan Users] IP address not getting removed

Rolando Zappacosta zappacor at yahoo.com.ar
Tue Sep 16 16:01:48 EDT 2008


Hi all,

I could see that each time I bring up and then down an IPsec tunnel, the local IP address OSW installs as per the ModeCfg config received doesn't get deleted and, hence, I end up having a lot of these local IP addresses. Is it that I'm doing something wrong, or is this a bug in OSW 2.4.13?:

RJZ-LNX ~ # rc-service ipsec start
ipsec             | * Starting IPSEC ... ...
ipsec             |ipsec_setup: Starting Openswan IPsec 2.4.13...                                                                      [ ok ]
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ # ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:16:41:ae:a1:3a brd ff:ff:ff:ff:ff:ff
3: irda0: <NOARP> mtu 2048 qdisc noop state DOWN qlen 8
    link/irda 00:00:00:00 brd ff:ff:ff:ff
4: wmaster0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ieee802.11 00:18:de:b1:d7:95 brd ff:ff:ff:ff:ff:ff
5: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:18:de:b1:d7:95 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.236/24 brd 192.168.1.255 scope global eth1
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ # ipsec auto --up Intranet
112 "Intranet" #1: STATE_AGGR_I1: initiate
003 "Intranet" #1: ignoring unknown Vendor ID payload [4c5647392e322e3237373a425249434b3a392e322e323737]
004 "Intranet" #1: STATE_AGGR_I2: sent AI2, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
041 "Intranet" #1: Intranet prompt for Username:
Name enter:   <MyUserName>
040 "Intranet" #1: Intranet prompt for Password:
Enter secret:
004 "Intranet" #1: STATE_XAUTH_I1: XAUTH client - awaiting CFG_set
003 "Intranet" #1: discarding duplicate packet; already STATE_XAUTH_I1
004 "Intranet" #1: STATE_XAUTH_I1: XAUTH client - awaiting CFG_set
004 "Intranet" #1: STATE_MAIN_I4: ISAKMP SA established
117 "Intranet" #2: STATE_QUICK_I1: initiate
003 "Intranet" #2: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME
004 "Intranet" #2: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x7f4443ff <0x8a1750a9 xfrm=3DES_0-HMAC_SHA1 NATD=none DPD=none}
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ # ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:16:41:ae:a1:3a brd ff:ff:ff:ff:ff:ff
3: irda0: <NOARP> mtu 2048 qdisc noop state DOWN qlen 8
    link/irda 00:00:00:00 brd ff:ff:ff:ff
4: wmaster0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ieee802.11 00:18:de:b1:d7:95 brd ff:ff:ff:ff:ff:ff
5: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:18:de:b1:d7:95 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.236/24 brd 192.168.1.255 scope global eth1
    inet <LocalOSWipAddr_1>/32 scope global eth1
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ # ipsec auto --down Intranet
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ # ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:16:41:ae:a1:3a brd ff:ff:ff:ff:ff:ff
3: irda0: <NOARP> mtu 2048 qdisc noop state DOWN qlen 8
    link/irda 00:00:00:00 brd ff:ff:ff:ff
4: wmaster0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ieee802.11 00:18:de:b1:d7:95 brd ff:ff:ff:ff:ff:ff
5: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:18:de:b1:d7:95 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.236/24 brd 192.168.1.255 scope global eth1
    inet <LocalOSWipAddr_1>/32 scope global eth1
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ # rc-service ipsec stop
ipsec             | * Stopping IPSEC ... ...
ipsec             |ipsec_setup: Stopping Openswan IPsec...                                                                             [ ok ]
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ #
RJZ-LNX ~ # ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:16:41:ae:a1:3a brd ff:ff:ff:ff:ff:ff
3: irda0: <NOARP> mtu 2048 qdisc noop state DOWN qlen 8
    link/irda 00:00:00:00 brd ff:ff:ff:ff
4: wmaster0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ieee802.11 00:18:de:b1:d7:95 brd ff:ff:ff:ff:ff:ff
5: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:18:de:b1:d7:95 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.236/24 brd 192.168.1.255 scope global eth1
    inet <LocalOSWipAddr_1>/32 scope global eth1
RJZ-LNX ~ #
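
A check for the symptom reported above, added here as an example (not part of the original post and not Openswan code): it compares two saved `ip addr list` snapshots and prints every address that is still configured after the tunnel went down. The function names and the 10.10.10.5 sample address are constructed for illustration.

```shell
#!/bin/sh
# Added example: report inet addresses that appear in an "after" snapshot of
# `ip addr list` but not in the "before" snapshot.
# Real use, with the commands from the post:
#   ip addr list > before; ipsec auto --up Intranet; ipsec auto --down Intranet
#   ip addr list > after;  stale_addrs before after

# Read `ip addr list` output on stdin, print "ifname address/prefix" per inet line.
list_inet() {
    awk '
        /^[0-9]+: /  { ifname = $2; sub(/:$/, "", ifname) }  # "5: eth1: <...>" -> eth1
        $1 == "inet" { print ifname, $2 }
    '
}

# stale_addrs BEFORE_FILE AFTER_FILE: addresses present only in AFTER_FILE.
stale_addrs() {
    b=$(mktemp)
    a=$(mktemp)
    list_inet < "$1" | LC_ALL=C sort > "$b"
    list_inet < "$2" | LC_ALL=C sort > "$a"
    LC_ALL=C comm -13 "$b" "$a"
    rm -f "$b" "$a"
}

# Constructed sample snapshots (shortened); 10.10.10.5 stands in for the
# ModeCfg-assigned address that the post shows as <LocalOSWipAddr_1>.
demo() {
    dir=$(mktemp -d)
    cat > "$dir/before" <<'EOF'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    inet 127.0.0.1/8 scope host lo
5: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    inet 192.168.1.236/24 brd 192.168.1.255 scope global eth1
EOF
    cat > "$dir/after" <<'EOF'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    inet 127.0.0.1/8 scope host lo
5: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    inet 192.168.1.236/24 brd 192.168.1.255 scope global eth1
    inet 10.10.10.5/32 scope global eth1
EOF
    stale_addrs "$dir/before" "$dir/after"
    rm -rf "$dir"
}

demo
```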



      

