I've encountered an unusual routing issue after setting up IPSec over IPv6 with StrongSwan. There hasn't been any help forthcoming from the StrongSwan list, and in any case I suspect the problem might be kernel-related, since it occurs after the tunnel has been established and the output of ip xfrm policy show and ip xfrm state show both look correct to me.
The machine has an eth0 interface to which the IPv6 public address is assigned and a ppp0 interface associated with an ADSL modem card. ppp0 only has a local link address (DHCPv6 prefix delegation is used). The default route goes via ppp0. If I set up an IPSec tunnel mode association with a remote machine, my host doesn't know where to send the packets and I get "address unreachable" packets appearing on the loopback interface. After a while, everything corrects itself for a short time and packets flow; then IPSec keys are renegotiated and it fails completely. Where should I submit the bug report? I can provide the output of various ip show commands. There's no urgency on this (just experimenting with IPSec, after all) but I like to see bugs being fixed. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
