[strongSwan] ip pool assignment algorithm

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Thu Aug 24 18:20:44 CEST 2017


Hi,

All backends behave identically, except for one thing: With SQL based pools, you can have truly static leases.
A pool of static leases (timeout == 0) will not return an address, if it is full (all leases were assigned at some point).
Other pools will return expired leases. If there are no expired leases, no address is returned. The timeout of memory backed pools can not be set.

Memory[1] (Swanctl[2] Stroke[3]):
     * This call is usually invoked several times: The first time to find an
     * existing lease (MEM_POOL_EXISTING), if none found a second time to
     * acquire a new lease (MEM_POOL_NEW), and if the pool is full once again
     * to assign an existing offline lease (MEM_POOL_REASSIGN).
Existing -> unallocated -> offline -> fail
SQL[4]]

Kind regards

Noel


[1] https://github.com/strongswan/strongswan/blob/master/src/libcharon/attributes/mem_pool.h#L85
[2] https://github.com/strongswan/strongswan/blob/b668bf3f9ec1e6e44cb31c727ac928105e383b32/src/libcharon/plugins/vici/vici_attribute.c#L138
[3] https://github.com/strongswan/strongswan/blob/b668bf3f9ec1e6e44cb31c727ac928105e383b32/src/libcharon/plugins/stroke/stroke_attribute.c#L122
[4] https://github.com/strongswan/strongswan/blob/08b19dd02a4911c07a0c636726af05a5c537bc64/src/libcharon/plugins/attr_sql/attr_sql_provider.c#L258


On 24.08.2017 15:32, Mike.Ettrich at bertelsmann.de wrote:
>
> Hi!
>
>  
>
> Are there some detailed informations about how ip’s from a pool will be assigned to a connection?
>
>  
>
> As I saw there are different backends possible, but are there rules to assign the ips like LRU or ‘next in orderd number’?
>
>  
>
>  
>
> Thanks for help.
>
>  
>
> Kind regards,
>
> Mike.
>
>  
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170824/dc42b5e3/attachment.sig>


More information about the Users mailing list