[Openswan Users] help with multiple ip addresses
Michael Smith
msmith at cbnco.com
Sun Oct 4 20:25:30 EDT 2009
On Mon, 5 Oct 2009, Rodney McKee wrote:
> bond0:0 has ip address yyy.yyy.yyy.yyy <- this is the ip/interface I
> want to be using.
> The error I'm seeing on startup is:
> multiple ip addresses, using xxx.xxx.xxx.xxx on bond0
> where xxx... is not the IP address I'm hoping to use.
Hi Rodney,
Make sure you're using left=yyy.yyy.yyy.yyy (or right=yyy.yyy.yyy.yyy) for
the local endpoint in your tunnels, rather than left=%defaultroute. You
may still see the message about multiple addresses, but it'll use the one
you tell it to.
Then, when a node takes over master, I've found the failover scripts
either have to restart openswan, or signal it to pick up the new address
and start all tunnels that use it:
ipsec whack --listen
for i in list of tunnels; do
ipsec auto --replace $i
ipsec auto --up --asynchronous $i
done
Mike
More information about the Users
mailing list