[Openswan Users] duplicate tunnels shown in ipsec eroute

Feng Dai freedai at hotmail.com
Tue Jul 14 14:07:02 EDT 2015


Hello,
After updating to openswan 2.6.43, 'ipsec eroute' will have duplicate tunnels when I stopped other side ipsec. 'ipsec spi' only has one tunnel though. Will this behavior have performance/function impact if the number accumulated to a huge  list?
Any help would be great. Thanks.
[d2 ~]# ipsec eroute0          172.31.6.0/24      -> 192.168.162.0/24   => tun0x1006 at 10.50.11.950          172.31.6.0/24      -> 192.168.162.0/24   => tun0x1006 at 10.50.11.95
[d2 ~]# ipsec spitun0x1005 at 10.50.8.209 IPIP: dir=in  src=10.50.11.95 policy=192.168.162.0/24->172.31.6.0/24 flags=0x8<> life(c,s,h)=addtime(504,0,0) natencap=none natsport=0 natdport=0 refcount=3 ref=8 refhim=1esp0x93fc3837 at 10.50.11.95 ESP_AES_HMAC_SHA1: dir=out src=10.50.8.209 iv_bits=128bits iv=0x2cf022f6a985517d98e40947758eb5a5 ooowin=64 alen=160 aklen=160 eklen=128 life(c,s,h)=addtime(504,0,0) natencap=none natsport=0 natdport=0 refcount=3 ref=10 refhim=0tun0x1006 at 10.50.11.95 IPIP: dir=out src=10.50.8.209 life(c,s,h)=addtime(504,0,0) natencap=none natsport=0 natdport=0 refcount=3 ref=1 refhim=0esp0xcbda1983 at 10.50.8.209 ESP_AES_HMAC_SHA1: dir=in  src=10.50.11.95 iv_bits=128bits iv=0x576ca30e1ba7bf22e27561168b26e236 ooowin=64 alen=160 aklen=160 eklen=128 life(c,s,h)=addtime(504,0,0) natencap=none natsport=0 natdport=0 refcount=3 ref=9 refhim=1

Feng Dai                       """""                              ( @ @ )---------------------------oOo--(_)--oOo-------http://www.pandora.com/?sc=sh126158488288332491
===============================================
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20150714/5090df86/attachment.html>


More information about the Users mailing list