On Tue, 28 Apr 2020, Rav Ya wrote:
Question: With this configuration, my the first tunnel comes up successfully but my second tunnel fails with “route already in use” error?
That is a bug. Can you try adding overlapip=yes to all connections ?
Given that I have two different XRFMi interfaces shouldn’t we allow route (0.0.0.0/0 -> 0.0.0.0/0 subnets) for individual XFRMi to run iBGP? What am I missing? Any recommendations please?
It is because the legacy KLIPS stick did not support overlapping IPsec connections. We are about to rip out KLIPS, but got delayed by a few releases, so it is still in the last release (although it has been ripped out in git master). Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
