[strongSwan-dev] Configuring "leftdns" to %config4 amn/or %config6
RIOU, DOMINIQUE VZ (DOMINIQUE)
dominique.riou at alcatel-lucent.com
Fri Jan 4 11:48:00 CET 2013
Thanks for these informations.
Regards.
Dominique RIOU
-----Original Message-----
From: Martin Willi [mailto:martin at strongswan.org]
Sent: vendredi 4 janvier 2013 11:16
To: RIOU, DOMINIQUE VZ (DOMINIQUE)
Cc: dev at lists.strongswan.org
Subject: Re: [strongSwan-dev] Configuring "leftdns" to %config4 amn/or %config6
Hi,
> My question is: What is the aim of setting the parameter "leftdns"
> with %config4 or %config6, if the server or local strongswan does not
> take into account ?
According to RFC5996, a responder can send any DNS attribute regardless of what the initiator requested. In strongSwan, we handle this by sending just what we have configured for that client, regardless of what it requested. Because of this responder policy, it does not make much sense to set leftdns on strongSwan-strongSwan installations.
Other implementations of IKEv2 handle things differently, hence it might be required to request specific DNS attributes to get both IPv4 and IPV6 (or whatever you ask for).
Regards
Martin
More information about the Dev
mailing list