[strongSwan] question of returning unrequested DNS and DHCP server addresses in strongswan-5.0.0?

Richard Andrews richard.andrews at symstream.com
Wed Aug 22 08:42:38 CEST 2012


In my experience (not strongswan in this case) this sort of info is
exchanged during a MODE_CFG extended IKE exchange. This is a
request-response protocol, so if the client does not request it, the
server will not send it.


On Wed, 2012-08-22 at 04:37 +0000, Mao, Zhiheng wrote:
> Hi there,
> 
> I have added the DNS and DHCP addresses to the strongswan.conf file on
> the Moon side and now Carol is able to receive these addresses. Since
> the configuration is done to the strongswan.conf, I am wondering if
> other clients, for example, Bob, will also receive these addresses. I
> guess this is the case, but what if Bob is not interested in receiving
> DNS and DHCP addresses and has not requested them in its IKEv2
> messages, would this be considered an error of the server in which
> case the server is telling unwanted information to the client? Thank
> you very much for any clarification!






More information about the Users mailing list