[strongSwan] ipsec routes removed when interface down and not reinstated
Alexander Hill
alex at hill.net.au
Mon Oct 31 10:20:39 CET 2016
Hi Noel,
Just a followup to this:
charon monitors changes to interfaces and IP addresses and tries to recover
from any changes. If for example I unplug my network cable while a wifi
connection is active, the route to the virtual subnet is removed by the
kernel and re-added by charon on the correct interface.
The case where no new route is immediately available is a corner case, but
I don't think one that doesn't deserve to be handled in the same way.
What do you think?
Cheers,
Alex
On Fri, 28 Oct 2016 at 23:33 Alexander Hill <alex at hill.net.au> wrote:
Ok, thanks. That makes sense.
Triggering a reconnect on if-up should do the trick then.
Cheers, Alex
On Fri., 28 Oct. 2016 at 11:09 pm, Noel Kuntze <noel at familie-kuntze.de>
wrote:
On 28.10.2016 07:07, Alexander Hill wrote:
> What's the thing that removes the route when the network cable is
unplugged - and can that thing also re-add the route when it's plugged back
in?
I think the kernel does that. There's no userspace component involved in
this. But it doesn't add anything back.
--
Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161031/6973a7bd/attachment.html>
More information about the Users
mailing list