[strongSwan] route disappears on PPP renegotiation

Tobias Brunner tobias at strongswan.org
Thu Nov 10 18:13:59 CET 2011


Hi Mirko,

> I may be wrong, but I don't think it has been truncated.

No you were right, it was the complete log.

> At 18:49:25, the route to 192.168.0.2 does exist,
> but charon hasn't noticed it.

Well, charon does notice that the interface comes up again.  But the
issue here is that the IP address doesn't change.  What happens is that
charon sees that the interface goes down, tries to find a new route,
doesn't find one and defers any further updates.  Now, when the
interface comes back up again, charon does indeed notice it, but since
the IP is the same as before there is no need for it to trigger the
MOBIKE process and update the installed SA/policies and, thus, does not
retrigger the installation of the route.  The solution to this problem
would require a change in how the routes are managed in charon.
Currently every installed forward policy manages some metadata about the
route installed together with it.  But there is no global list of
installed routes.  The latter would help in this case as we could simply
reinstall all installed routes on reactivated interfaces.  I can't give
you an ETA for a solution at the moment, but if this is a real issue for
you, there might be some hackish workarounds, e.g. triggering MOBIKE
updates even if not really needed.  Patches for a proper solution are
welcome too.

Regards,
Tobias




More information about the Users mailing list