On Sun, 3 Jan 2021, Andrew Cagney wrote:
Subject: [Swan-dev] what is INTERFACE_IP / ifaceip / interface-ip= for?
I suspect it has something to do with XFRMI. As best I can, in the current code, it is simply being passed to up-down scripts as INTERFACE_IP=...?
Yes. It is the value of interface-ip= passed to updown. It can be used to configure an IP address. It should really do this action in the default updown script when passed. The name interface-ip= was chosen after a long discussion. We wanted to make it implementation agnostic (so not call it anything xfrm) and it couldn't clash with the existing VTI code that uses VTI_IP. I think the code that uses VTI_IP in updown should also check for INTERFACE_IP and documentation should be added to _updown.xfrm.in about these options.
While the name ifaceip leads me to think it's got something to do with the host interfaces, I suspect it is connected to the XFRMI client interface IP (if this is true I'll rename the field to client_interface_ip)?
Please do not rename it. Especially not anything "client" as our pluto code uses "client" to refer to left/rightsubnets and non-developers think of client-interface-ip as something at the remote vpn clients. Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
