[strongSwan] regarding dns resolution

Andre Valentin avalentin at marcant.net
Fri Sep 6 14:30:12 CEST 2013


If you want strongswan to update the internel DNS cache, you have to run:
ipsec update

I run it via cron;-)

This helped me a lot.


Am 04.09.2013 14:15, schrieb Rakesh Bansod:
> hi,
> I want to know how the dns is resolved in strongswan.
> if i give right=rakesh.com <http://rakesh.com> and for this a particular
> ip is written in /etc/hosts, so the connection goes up easily.
> But in logs it shows the ip while connecting this means that somewhere
> inside the name is replaced by ip.
> what actually happen???
> also i made other side "rakesh.com <http://rakesh.com>" to drop esp
> packets and changed the ip address of "rakesh.com <http://rakesh.com>"
> in /etc/hosts while live connection.
> when i ping "rakesh.bansod" it tries to recoonect to "rakesh.com
> <http://rakesh.com>" because of dpdaction=restart.
> but problem is that it didn't knew that the ip is changed and still
> tries with the same ip.
> also i tried ipsec update, but it didn't worked.
> what should i do if i now the dns of other party which keeps on changing
> its ip address then how to make connection in such case.
> please help.
> thank you.
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users

More information about the Users mailing list