[strongSwan] ipsec routes removed when interface down and not reinstated
Tobias Brunner
tobias at strongswan.org
Mon Oct 31 14:56:32 CET 2016
Hi Alex,
> But when there's no immediate path, e.g. if the only network adapter has
> a cable unplugged or if switching WiFi networks takes too long, the
> route is deleted and when an interface comes back up, it isn't re-added.
The latter should be the case if an interface that was down is activated
again (i.e. if you see "interface ... activated" in the log) or if an
address (re-)appears on the interface (i.e. if you see "... appeared on
..."). However, what's not reinstalled are the virtual IPs. So perhaps
the problem is that the VIP disappears in some cases but not others. To
avoid that you could set charon.install_virtual_ip_on to e.g. lo.
Regards,
Tobias
More information about the Users
mailing list