IPv6-based address pools are fully supported although /64 is way to large to keep in memory since we must instantiate the whole address space due to lookup performance reasons.
The real problem is that the Linux kernel does not support routing table entries with the src parameter being an IPv6 address, so that virtual IPv6 addresses can be checked out by a VPN gateway and are transported via the IKEv2 configuration payload or the IKEv1 Mode Config payload but cannot be installed in the kernel. Thus we cannot force IPv6 packets to leave via a physical interface but assuming a different source address. Best regards Andreas Claude Tompers wrote: > Hi, > > I fear my email has been overseen, so I repost it again with further > details. In an IPv4 VPN, I can assign IP addresses from a given pool > to the roadwarriors by using i.e. : > > rightsourceip=192.168.128/25 > > Is it possible to do the same with IPv6 ? > > rightsourceip=fec0:1234:5678::/64 > > regards Claude Tompers > > > On Thursday 08 April 2010 11:48:38 Claude Tompers wrote: >> Hi, >> >> Is there a way to distribute IPv6 addresses to road warriors ? i.e. >> : rightsourceip=<IPv6-subnet> I've tried this but it always >> distributes the same address to every host. >> >> thanks in advance Claude ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
