Too resource intensive. Really needs a dedicated monitoring daemon or hack racoon to do the right thing(TM).
On 3/20/06, Fuchs, Martin <[EMAIL PROTECTED]> wrote: > A possible workaround might be a cron'd dns lookup and thereafter write the > (new) ip adress to a temp-file when changed ? Or a lookup after tunnel > termination ? > > -----Ursprüngliche Nachricht----- > Von: Angelo Turetta [mailto:[EMAIL PROTECTED] > Gesendet: Montag, 20. März 2006 20:23 > An: [email protected] > Betreff: Re: AW: [pfSense Support] VPN with dynamic IP for both endpoints > > > But it seems to me as if racoon would just fail to lookup the ip from > > the hostname ? > > Ok, if the connection terminates due to ip change we'll have to wait a > > few minutes to reconnect, but would it not be possible to "teach" > > racoon to correctly translate the name to the ip ? > > It's even so that racoon cannot translate static names to static ip > > adresses... > > I think you refer to this directive in racoon.conf(5): > > Remote Nodes Specifications > remote (address | anonymous) [[port]] [inherit parent] { statements } > > As you see, it's documented: either an address, or 'anonymous'. > But again, even whether the DNS lookup be done at runtime and not at > config-time, if nobody changes the SPD entries racoon will NEVER negotiate a > new tunnel with a different peer. No way. > > Angelo Turetta > Modena - Italy > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: > [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
