On Mon, 4 Jan 2021, Antony Antony wrote:
Subject: [Swan-dev] what is INTERFACE_IP / ifaceip / interface-ip= for?
Yes the idea was to add that IP address/prefix to the xfrm interface. The unfinished feature is inherited from VTI model(possibly hack?). In VTI the IP address was added in updwon script. In xfrmi, I would like to add the IP from pluto using netlink calls, c functions, instead of calling external command "ip".
May be rethink is this feature still relevant? May be the users are using systemd or other scripts to configure interface ip?
Some will use systemd, others will not. The option is there for those who want libreswan to do it.
I advise against using updrown script for adding the ip address! I think adding from pluto is better. Also now the KLIPS is gone, it would be easier from pluto.
I'm fine if we do that. However, now we have a broken option interface-ip= that isn't doing what users expect - to put the IP on the interface. I would rather see us duplicate the vti code in updown for now until we have a working pluto solution than for this option to just guarantee fail. Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
