| From: Antony Antony <[email protected]> | Also I | realized if I really want I can take a single address from an | addresspool and configure it as /32 leftsubnet. The proposed partial | overlap check will not prohibit that:)
True. But if you take a /32 that conflicts with a leased /32, there will be a routing clash that probably causes obscure error messages. We should probably object to conns that use addresses (subnets) that cover addresses in a pool. | Libreswan assigns from a user configured addresspool. So I think | addresspool and subnet assignments are similar. There is a time-honoured rule for overlapping but not identical subnets. We have no rule for overlapping but not identical ranges; mayhem ensues. | Any way, lets agree that a partial overlap between addresspools will be | rejected. I will make the change. Thanks. _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
