[Openswan Users] Dynamically attached interfaces
Siegfried Vogl
svogl at vodata.de
Sun Feb 21 16:14:20 UTC 2021
Hello,
Sorry for the noise. I am answering myself: "ipsec auto --ready" was the
answer. I missed it in my source.
Siegfried
On 2/21/21 12:48 PM, Siegfried Vogl wrote:
> Hello,
>
>
> Linux Openswan U2.6.52.1/K4.14.214 on an embedded system.
>
> I'm a bit confused because I always thought that openswan
> automatically recognizes interfaces that are added at runtime or whose
> ip address changes dynamically.
>
> Now I have the following issue:
> - pluto has started.
>
> - "networkd" from "systemd" (version 246) is used as the network
> daemon. I cannot use the NetworkManager.
>
> - An OTA connection is started via the command line interface of the
> ModemManager ("mmcli -m <modem> --simple-connect=..."), which creates
> the interface "wwan0".
>
>
> Openswan does not set up a listener on this interface. Only an "ipsec
> whack --listen" makes the interface known to Pluto. The disadvantage
> here is that tunnels that are active on other interfaces are then
> obviously terminated.
> Even if the wwan0 interface is already known to Pluto, but changes its
> IP due to a new connection, this is not recognized by Pluto. When
> starting a tunnel, this then leads to a routing problem in Pluto
> because it does not recognize the new network.
> I am now wondering whether this is due to the use of the "systemd
> networkd"?
>
> Workarounds:
> - Does anyone know of a command to specifically add or remove an
> interface for the listener? I don't know of any.
> - Let Pluto listen on a bridge interface and add the wwan to the
> bridge during runtime, or delete it.
>
> By the way, the problem is not limited to OTA. I have the same problem
> on a LAN DHCP interface.
>
> I would be grateful for any advice.
>
> Siegfried
>