[strongSwan] commit 6b57790270fb07c579315c70ecce34f8ad9a4d63 is different when it comes to libcharon
Jaehong Park
jaehong.park at illumio.com
Fri Sep 8 18:44:56 CEST 2017
One more question on the topic.
let’s say I have two default gateway like
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.10.1.1 0.0.0.0 UG 1 0 0 eth0
0.0.0.0 10.10.2.1 0.0.0.0 UG 10001 0 0 eth1
10.10.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.10.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
then when StrongSwan tried to pick proper src interface to destination 52.8.208.79
it will ends up picking whatever the left one at the end of enumeration.
2017-09-08T16:19:52+0000 07[KNL] 52.8.208.79 is not a local address or the interface is down
2017-09-08T16:19:52+0000 07[CFG] added configuration '4.0.0.52-8-208-79.32.0'
2017-09-08T16:19:52+0000 09[CFG] received stroke: route '4.0.0.52-8-208-79.32.0'
2017-09-08T16:19:52+0000 09[KNL] using 10.10.2.253 as address to reach 52.8.208.79/32
2017-09-08T16:19:52+0000 09[KNL] adding policy 10.10.2.253/32 === 52.8.208.79/32 out [priority 283616, refcount 1]
2017-09-08T16:19:52+0000 09[KNL] adding policy 52.8.208.79/32 === 10.10.2.253/32 in [priority 283616, refcount 1]
On Sep 7, 2017, at 11:30 PM, Tobias Brunner <tobias at strongswan.org<mailto:tobias at strongswan.org>> wrote:
Hi Jaehong,
The logic of get_route function in /libcharon/plugins/kernel_netlink/kernel_netlink_net.c was ported to differently than it is described above.
Yes, that was changed with 3f4cc30b19b0d3294bff0a6306c8c5d6fa75e705 [1].
Regards,
Tobias
[1] https://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=3f4cc30b
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170908/ae555bc6/attachment-0001.html>
More information about the Users
mailing list