strange behaviour with direct protocol if two interface has the same ip address
Ondrej Zajicek
santiago at crfreenet.org
Mon Jul 25 08:08:11 CEST 2011
On Sat, Jul 23, 2011 at 04:38:00PM +0200, csszep wrote:
> Hello!
>
> Openswan with klips stack use ipsec* interface which is configured to
> the same ip address as the physical interface.
>
> If i use the direct protocol and starting ipsec daemon the physical
> interface's connected route disappears.
> If i stopping ipsec daemon any connected route is missing from direct protocol.
Yes, there is a bug in BIRD direct protocol. Simplest workaround is to limit
the direct protocol on non-IPSec ifaces:
protocol direct {
interface -"ipsec*", "*";
}
But generally, there would be probably more problems with that setting in BIRD,
as BIRD generally assumes that address prefixes are unique.
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20110725/18361cfe/attachment-0001.asc>
More information about the Bird-users
mailing list