[strongSwan] SWAN leases runtime API
Tobias Brunner
tobias at strongswan.org
Tue Mar 21 09:00:41 CET 2017
Hi Noel,
>>> - Can we assure multiple VPN servers configured to work with the same
>>> pool in common DB will assign unique virtual IPs?
>> Yes, if they use the same DB the leases will be unique.
>
> I just had a quick look at the code of the attr-sql plugin.
> The attr-sql plugin seems to close all online leases when it gets loaded[1].
Thanks for noticing that.
> Tobias, can you elaborate on what the code does exactly (I know Martin wrote the code)?
As the comment indicates it intends to release any online leases in case
of a crash of the daemon. When an SA is properly terminated the
addresses are released (and if lease_history is enabled recorded) but
that won't happen if the daemon crashes. I guess we could make that
cleanup optional in order to enable sharing the DB. I pushed that to
the attr-sql-cleanup branch.
Regards,
Tobias
More information about the Users
mailing list