Hi, I'm using strongswan IKEv2 configuration for DB (sqlite3) based server side virtual IP. I am using pool utility for managing the virtual IPs.
>From the documentation given at https://wiki.strongswan.org/projects/strongswan/wiki/Ipsecpool, I'm not clear on what the status means. Could you please explain the terminology online|offline|valid|expired. Is 'offline' applicable only when timeout is 0? Will offline/expired addresses be released so that it will be provided to other clients? Also, the time shown in the output of 'ipsec pool --leases' is very confusing. Creating the pool: # ipsec pool --add bigpool --start 60.60.60.1 --end 60.60.60.1 --timeout 1 allocating 1 addresses... done. Client established connection: # date --utc; ipsec pool --leases --utc Wed Jun 3 07:00:35 UTC 2015 name address status start end identity bigpool 60.60.60.1 online (null) 15 09:04:32 1803625851 30.30.30.3 In above output, the start time is different from the time that client established connection (output of date --utc). Client disconnected: # date --utc; ipsec pool --leases --utc Wed Jun 3 07:01:03 UTC 2015 name address status start end identity bigpool 60.60.60.1 valid (null) 15 16:05:29 1803625896 (null) 29 03:51:12 1803629253 30.30.30.3 Here, start time and end time are not differing by 1 hour (timeout given) However, the functionality is working fine - the address was marked expired exactly after one hour, just that the output is not understandable. # date --utc; ipsec pool --leases --utc Wed Jun 3 08:01:59 UTC 2015 name address status start end identity bigpool 60.60.60.1 expired (null) 15 16:05:29 1803625896 (null) 29 03:51:12 1803629253 30.30.30.3 Could you please explain how to understand the time shown in the output. - Divya _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users