[strongSwan] Question on selecting source address
Tobias Brunner
tobias at strongswan.org
Fri May 6 12:30:20 CEST 2016
Hi,
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 10.2.0.0 * 255.255.0.0 U 1 0 0 eth1
> 10.6.0.0 * 255.255.0.0 U 1 0 0 eth0
> default 10.6.0.1 0.0.0.0 UG 0 0 0 eth0
You should use `ip route` to get a better picture of the installed
routes (e.g. the source IPs set for each route, and to see routes in
other routing tables).
> After query RTM_GETROUTE, it will collect all the possible route entries.
>
> With above network setup it will collect two route entries to
> destination 10.2.1.xx.
Yes, the default route and with higher priority the more specific route
to 10.2.0.0/16.
> However only one entry will have src_host.
Which one? That is not seen in the output of `route`, check with `ip
route`.
> Then when it loop through collected route entries to get the best source
> ip address, depends on the order of route entries
Yes, the first one tried is the 10.2.0.0/16 one.
> it will hit the entry without source ip address but OIF first, that
> will break right away and give that address as best address, which is
> not what I wanted.
How so? If the 10.2.0.0/16 route is used with eth1 assigned then the IP
on eth1 should get used, which is 10.2.1.170 on the client. Isn't that
what you want?
Regards,
Tobias
More information about the Users
mailing list