[Openswan Users] Openswan 2.6.26 and IPv6 issues

Paul Wouters paul at xelerance.com
Mon Jul 12 09:53:07 EDT 2010


On Mon, 12 Jul 2010, Jason White wrote:

> 1. On my Debian system, OpenSwan fails to bind to the IPv6 address
> during the boot process. I reported this as a Debian bug. It turned out
> not to be exclusively an OpenSwan problem, i.e., if I configured sshd to
> bind to a particular IPv6 address, this would also fail.
>
> However, it was suggested in the Debian discussion that OpenSwan should
> really detect new IPv6 addresses on an interface after start-up and
> respond appropriately.

I saw that bug report. pluto does need to get smarter in knowing when to look
for new IP addresses bound on the machine. We are looking at implementing
something for that. Perhaps something similar to bind's "scanning".

> 2. This might not be an IPv6 issue: if I set ikev2=insist in the
> configurations at both ends of a connection, the initiating host reaches
> the I2 stage and then fails to receive a reply, resulting in
> retransmissions that never lead to a completed negotiation.

I have not heard of this before. Can you send a plutodebug=all of both
sides and put it into a new bug at bugs.openswan.org ?

Paul


More information about the Users mailing list