[Openswan Users] Openswan 2.6.26 and IPv6 issues
Michael H. Warfield
mhw at WittsEnd.com
Mon Jul 12 11:27:17 EDT 2010
On Mon, 2010-07-12 at 09:53 -0400, Paul Wouters wrote:
> On Mon, 12 Jul 2010, Jason White wrote:
> > 1. On my Debian system, OpenSwan fails to bind to the IPv6 address
> > during the boot process. I reported this as a Debian bug. It turned out
> > not to be exclusively an OpenSwan problem, i.e., if I configured sshd to
> > bind to a particular IPv6 address, this would also fail.
> > However, it was suggested in the Debian discussion that OpenSwan should
> > really detect new IPv6 addresses on an interface after start-up and
> > respond appropriately.
> I saw that bug report. pluto does need to get smarter in knowing when to look
> for new IP addresses bound on the machine. We are looking at implementing
> something for that. Perhaps something similar to bind's "scanning".
Yeah... IPv6 addresses are subject to a number of conditions under
which they can change dynamically including auto-conf renumbering,
privacy enhanced EUI addresses, and dynamic cycling where processes on
the machine add and delete addresses. Closest thing IPv4 has to that
would be if a dhcp server decided to change a lease after an old one
expired while the machine is running.
> > 2. This might not be an IPv6 issue: if I set ikev2=insist in the
> > configurations at both ends of a connection, the initiating host reaches
> > the I2 stage and then fails to receive a reply, resulting in
> > retransmissions that never lead to a completed negotiation.
> I have not heard of this before. Can you send a plutodebug=all of both
> sides and put it into a new bug at bugs.openswan.org ?
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://lists.openswan.org/pipermail/users/attachments/20100712/675b3dc4/attachment.bin
More information about the Users