Re: [strongSwan] triggering MOBIKE in strongswan

2016-11-22 Thread Ravi Kanth Vanapalli 
Thank you Andreas for the clarification.

One additional query. There is a flag named roam_events in
kernel_netlink_net.c

My understanding of this flag is when the UE IP address changes, if this
flag is set to true, then UE triggers MOBIKE, else UE doesn't trigger
MOBIKE even though UE's source IP address changes.

Kindly confirm if my understanding of this flag is true.


On Wed, Nov 16, 2016 at 4:42 PM, Andreas Steffen <
andreas.stef...@strongswan.org> wrote:

> Hi Ravi,
>
> yes, your understanding is correct. Our MOBIKE example scenario
>
> https://www.strongswan.org/testing/testresults/ikev2/mobike/index.html
>
> shows the interface change:
>
> 13[IKE] peer supports MOBIKE
> 07[KNL] 192.168.0.50 disappeared from eth1
> 15[KNL] interface eth1 deactivated
> 16[KNL] fec0::5 disappeared from eth1
> 07[KNL] fe80::5054:ff:fe3b:cd7 disappeared from eth1
> 12[IKE] old path is not available anymore, try to find another
> 12[IKE] looking for a route to 192.168.0.2 ...
> 12[IKE] requesting address change using MOBIKE
> 12[ENC] generating INFORMATIONAL request 2 [ ]
> 12[IKE] checking path 10.1.0.10[4500] - 192.168.0.2[4500]
> 12[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[4500] (80
> bytes)
> 12[IKE] checking path 10.1.0.10[4500] - 10.2.0.1[4500]
> 12[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.1[4500] (80 bytes)
> 15[NET] received packet: from 192.168.0.2[4500] to 10.1.0.10[4500] (80
> bytes)
> 15[ENC] parsed INFORMATIONAL response 2 [ ]
> 15[ENC] generating INFORMATIONAL request 3 [ N(UPD_SA_ADDR) N(NATD_S_IP)
> N(NATD_D_IP) N(COOKIE2) N(ADD_6_ADDR) ]
> 15[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[4500] (192
> bytes)
> 13[NET] received packet: from 192.168.0.2[4500] to 10.1.0.10[4500] (160
> bytes)
> 13[ENC] parsed INFORMATIONAL response 3 [ N(NATD_S_IP) N(NATD_D_IP)
> N(COOKIE2) ]
>
> Regards
>
> Andreas
>
> On 16.11.2016 15:54, Ravi Kanth Vanapalli wrote:
> > Hi,
> >
> >I wanted to know how is MOBIKE triggered in Strongswan.
> >I have setup an IKEv2 connection to the gateway with MOBIKE enabled.
> > I confirmed it from the logs.
> >My understanding of MOBIKE is, if the default route to the gateway is
> > changed i.e lets say from IP1 to IP2.  IP1 is on interface 1 , IP2 is on
> > interface 2, UE triggers MOBIKE based IKE SA update to update the source
> > IP. strongswan doesn't bind to any specific interface for sending the
> > packets out to the ipsec gateway.
> > Could you please confirm if this understanding is correct.
> >
> >
> > --
> > Regards,
> >
> > RaviKanth VN Vanapalli
> > Email: vvnrk.vanapa...@gmail.com 
> >
> >
> > ___
> > Users mailing list
> > Users@lists.strongswan.org
> > https://lists.strongswan.org/mailman/listinfo/users
> >
>
> --
> ==
> Andreas Steffen andreas.stef...@strongswan.org
> strongSwan - the Open Source VPN Solution!  www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
> ===[ITA-HSR]==
>
>


-- 
Regards,
RaviKanth VN Vanapalli
Email: vvnrk.vanapa...@gmail.com
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] triggering MOBIKE in strongswan

2016-11-16 Thread Andreas Steffen 
Hi Ravi,

yes, your understanding is correct. Our MOBIKE example scenario

https://www.strongswan.org/testing/testresults/ikev2/mobike/index.html

shows the interface change:

13[IKE] peer supports MOBIKE
07[KNL] 192.168.0.50 disappeared from eth1
15[KNL] interface eth1 deactivated
16[KNL] fec0::5 disappeared from eth1
07[KNL] fe80::5054:ff:fe3b:cd7 disappeared from eth1
12[IKE] old path is not available anymore, try to find another
12[IKE] looking for a route to 192.168.0.2 ...
12[IKE] requesting address change using MOBIKE
12[ENC] generating INFORMATIONAL request 2 [ ]
12[IKE] checking path 10.1.0.10[4500] - 192.168.0.2[4500]
12[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[4500] (80 bytes)
12[IKE] checking path 10.1.0.10[4500] - 10.2.0.1[4500]
12[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.1[4500] (80 bytes)
15[NET] received packet: from 192.168.0.2[4500] to 10.1.0.10[4500] (80
bytes)
15[ENC] parsed INFORMATIONAL response 2 [ ]
15[ENC] generating INFORMATIONAL request 3 [ N(UPD_SA_ADDR) N(NATD_S_IP)
N(NATD_D_IP) N(COOKIE2) N(ADD_6_ADDR) ]
15[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[4500] (192
bytes)
13[NET] received packet: from 192.168.0.2[4500] to 10.1.0.10[4500] (160
bytes)
13[ENC] parsed INFORMATIONAL response 3 [ N(NATD_S_IP) N(NATD_D_IP)
N(COOKIE2) ]

Regards

Andreas

On 16.11.2016 15:54, Ravi Kanth Vanapalli wrote:
> Hi,
> 
>I wanted to know how is MOBIKE triggered in Strongswan.
>I have setup an IKEv2 connection to the gateway with MOBIKE enabled.
> I confirmed it from the logs.
>My understanding of MOBIKE is, if the default route to the gateway is
> changed i.e lets say from IP1 to IP2.  IP1 is on interface 1 , IP2 is on
> interface 2, UE triggers MOBIKE based IKE SA update to update the source
> IP. strongswan doesn't bind to any specific interface for sending the
> packets out to the ipsec gateway.
> Could you please confirm if this understanding is correct.
> 
> 
> -- 
> Regards,
> 
> RaviKanth VN Vanapalli
> Email: vvnrk.vanapa...@gmail.com 
> 
> 
> ___
> Users mailing list
> Users@lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
> 

-- 
==
Andreas Steffen andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution!  www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===[ITA-HSR]==



smime.p7s
Description: S/MIME Cryptographic Signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users