[strongSwan-dev] [strongSwan] triggering MOBIKE in strongswan

Ravi Kanth Vanapalli vvnrk.vanapalli at gmail.com
Tue Nov 22 17:06:43 CET 2016


Thank you Andreas for the clarification.

One additional query. There is a flag named roam_events in
kernel_netlink_net.c

My understanding of this flag is when the UE IP address changes, if this
flag is set to true, then UE triggers MOBIKE, else UE doesn't trigger
MOBIKE even though UE's source IP address changes.

Kindly confirm if my understanding of this flag is true.


On Wed, Nov 16, 2016 at 4:42 PM, Andreas Steffen <
andreas.steffen at strongswan.org> wrote:

> Hi Ravi,
>
> yes, your understanding is correct. Our MOBIKE example scenario
>
> https://www.strongswan.org/testing/testresults/ikev2/mobike/index.html
>
> shows the interface change:
>
> 13[IKE] peer supports MOBIKE
> 07[KNL] 192.168.0.50 disappeared from eth1
> 15[KNL] interface eth1 deactivated
> 16[KNL] fec0::5 disappeared from eth1
> 07[KNL] fe80::5054:ff:fe3b:cd7 disappeared from eth1
> 12[IKE] old path is not available anymore, try to find another
> 12[IKE] looking for a route to 192.168.0.2 ...
> 12[IKE] requesting address change using MOBIKE
> 12[ENC] generating INFORMATIONAL request 2 [ ]
> 12[IKE] checking path 10.1.0.10[4500] - 192.168.0.2[4500]
> 12[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[4500] (80
> bytes)
> 12[IKE] checking path 10.1.0.10[4500] - 10.2.0.1[4500]
> 12[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.1[4500] (80 bytes)
> 15[NET] received packet: from 192.168.0.2[4500] to 10.1.0.10[4500] (80
> bytes)
> 15[ENC] parsed INFORMATIONAL response 2 [ ]
> 15[ENC] generating INFORMATIONAL request 3 [ N(UPD_SA_ADDR) N(NATD_S_IP)
> N(NATD_D_IP) N(COOKIE2) N(ADD_6_ADDR) ]
> 15[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[4500] (192
> bytes)
> 13[NET] received packet: from 192.168.0.2[4500] to 10.1.0.10[4500] (160
> bytes)
> 13[ENC] parsed INFORMATIONAL response 3 [ N(NATD_S_IP) N(NATD_D_IP)
> N(COOKIE2) ]
>
> Regards
>
> Andreas
>
> On 16.11.2016 15:54, Ravi Kanth Vanapalli wrote:
> > Hi,
> >
> >    I wanted to know how is MOBIKE triggered in Strongswan.
> >    I have setup an IKEv2 connection to the gateway with MOBIKE enabled.
> > I confirmed it from the logs.
> >    My understanding of MOBIKE is, if the default route to the gateway is
> > changed i.e lets say from IP1 to IP2.  IP1 is on interface 1 , IP2 is on
> > interface 2, UE triggers MOBIKE based IKE SA update to update the source
> > IP. strongswan doesn't bind to any specific interface for sending the
> > packets out to the ipsec gateway.
> > Could you please confirm if this understanding is correct.
> >
> >
> > --
> > Regards,
> >
> > RaviKanth VN Vanapalli
> > Email: vvnrk.vanapalli at gmail.com <mailto:vvnrk.vanapalli at gmail.com>
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.strongswan.org
> > https://lists.strongswan.org/mailman/listinfo/users
> >
>
> --
> ======================================================================
> Andreas Steffen                         andreas.steffen at strongswan.org
> strongSwan - the Open Source VPN Solution!          www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
> ===========================================================[ITA-HSR]==
>
>


-- 
Regards,
RaviKanth VN Vanapalli
Email: vvnrk.vanapalli at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20161122/2ed395b1/attachment.html>


More information about the Dev mailing list