Hi Paul, Thank you for your time.
Setting all the connections to "overlapip=yes" did not help. I am still seeing the same “route already in use” error. Any other suggestions? or workaround that might work? Apr 28 19:13:40.288938: | route owner of "gateway02"[1] 10.11.0.2 unrouted: "gateway01"[1] 10.11.0.1 erouted; eroute owner: "gateway01"[1] 10.11.0.1 erouted Apr 28 19:13:40.288946: "gateway02"[1] 10.11.0.2 #7: cannot route -- route already in use for "gateway01"[1] 10.11.0.1 If I understand correctly the next release (v3.32) will not have the legacy KLIPS and shall support overlapping IPs. Is there a rollout date for the next release? Also, if I build the master branch I should not see this issue. Right? -Rav Ya On Tue, Apr 28, 2020 at 6:34 PM Paul Wouters <[email protected]> wrote: > On Tue, 28 Apr 2020, Rav Ya wrote: > > > Question: With this configuration, my the first tunnel comes up > successfully but my second tunnel > > fails with “route already in use” error? > > That is a bug. Can you try adding overlapip=yes to all connections ? > > > Given that I have two different XRFMi interfaces shouldn’t we allow > route (0.0.0.0/0 -> 0.0.0.0/0 > > subnets) for individual XFRMi to run iBGP? What am I missing? Any > recommendations please? > > It is because the legacy KLIPS stick did not support overlapping IPsec > connections. We are about to rip out KLIPS, but got delayed by a few > releases, so it is still in the last release (although it has been > ripped out in git master). > > Paul >
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
