So what’s that a MAST stack? Can you explain it to me? Thanks :) > On 04 Sep 2015, at 19:54, Randy Wyatt <[email protected]> wrote: > > Isn't there a problem that you are adding overlapping routes? 10.1.0.0/16 > <http://10.1.0.0/16> covers 10.1.13.0/24 <http://10.1.13.0/24>. I think you > need a MAST stack for this. > > On Fri, Sep 4, 2015 at 10:51 AM, Christian Hanster <[email protected] > <mailto:[email protected]>> wrote: > Hello Noel, > > the arping is working: > arping -I p5p1 -D 10.1.13.100 > ARPING 10.1.13.100 from 0.0.0.0 p5p1 > Unicast reply from 10.1.13.100 [00:25:4B:CD:F4:64] 0.984ms > Sent 1 probes (1 broadcast(s)) > Received 1 response(s) > > In the meantime I have completely reinstalled the Gateway with a fresh Ubuntu > 14.04. That did not solve the problem. Than I changed the log level of > charon and there is something really strange: > > received stroke: add connection 'passthrough' > Sep 4 19:38:55 pceapu-2 charon: 08[CFG] left nor right host is our side, > assuming left=local > Sep 4 19:38:55 pceapu-2 charon: 08[CFG] added configuration 'passthrough' > Sep 4 19:38:55 pceapu-2 charon: 10[CFG] received stroke: route 'passthrough' > Sep 4 19:38:55 pceapu-2 charon: 10[KNL] adding policy 10.1.13.0/24 > <http://10.1.13.0/24> === 10.1.13.0/24 <http://10.1.13.0/24> out (mark > 0/0x00000000) > Sep 4 19:38:55 pceapu-2 charon: 10[KNL] adding policy 10.1.13.0/24 > <http://10.1.13.0/24> === 10.1.13.0/24 <http://10.1.13.0/24> in (mark > 0/0x00000000) > Sep 4 19:38:55 pceapu-2 charon: 10[KNL] adding policy 10.1.13.0/24 > <http://10.1.13.0/24> === 10.1.13.0/24 <http://10.1.13.0/24> fwd (mark > 0/0x00000000) > Sep 4 19:38:55 pceapu-2 charon: 10[KNL] getting a local address in traffic > selector 10.1.13.0/24 <http://10.1.13.0/24> > Sep 4 19:38:55 pceapu-2 charon: 10[KNL] using host 10.1.13.1 > Sep 4 19:38:55 pceapu-2 charon: 10[KNL] using 192.168.1.1 as nexthop to > reach %any > Sep 4 19:38:55 pceapu-2 charon: 10[KNL] 10.1.13.1 is on interface p5p1 > Sep 4 19:38:55 pceapu-2 charon: 10[KNL] installing route: 10.1.13.0/24 > <http://10.1.13.0/24> via 192.168.1.1 src 10.1.13.1 dev p5p1 > Sep 4 19:38:55 pceapu-2 charon: 10[KNL] getting iface index for p5p1 > Sep 4 19:38:55 pceapu-2 charon: 10[KNL] received netlink error: Network is > unreachable (101) > Sep 4 19:38:55 pceapu-2 charon: 10[KNL] unable to install source route for > 10.1.13.1 > > For me it seems like a bug that Strongswan wants to add a route with a next > hop in a passthrough connection. At the moment I’m not completely but it > seems to produce the error because this route does not makes in my eyes any > sense as 192.168.1.1 is reachable via p4p1 interface. > > Kind regards > Christian Hanster >> On 04 Sep 2015, at 19:35, Noel Kuntze <[email protected] >> <mailto:[email protected]>> wrote: >> >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA256 >> >> Sorry, meant ARP, not DPD. >> arping -I eth0 -D <IP> >> >> - -- >> >> Mit freundlichen Grüßen/Kind Regards, >> Noel Kuntze >> >> GPG Key ID: 0x63EC6658 >> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v2 >> >> iQIcBAEBCAAGBQJV6dZHAAoJEDg5KY9j7GZY2/4P+wQsKYoPaYesMCkTGzvlmy4O >> R4Hq7TLsVekuBakLxxptrt3IE8T2XvTaV2wp16qtIul45SGwHH+34W3RD0IeQJEf >> 8jc3kmuxdeszi9xVxo4HUDf72aBtZOos1v6Wt8UT30Syf2IBLPD1tdSUdlVIrX5X >> 5EVG0/AukWHf0aAZXHi41V6H7wBd6UTd1P9i828OFzYx/4Nz06OK7RR2qV1jPP/g >> 6Bgap0BnfxIc47Hs8CEZWtEMVQaCWfzCSEFAjsyymVNUZVnh2Tt4xRDJPPqoGGmQ >> yoailqdIspZ3AeYmYzcC85/nRCKrjmdTcFXaJ5crEYQ9frjzcIQJ/f+qHLy5d9+J >> 7JLVoEnFPBr2KwUqSJWlt0PhOwfnd4N5D3X5buwNl6+rBpfjgAjKZTvHWMeBc3IB >> OJ2V+0TWb1J+5C2wJaH70MhK6QE5hXFNfg7hGmpGOIGybFksJ2hmnZtN2iuudKaH >> sHapGdwMMQg3noVJPiZ7jDRVQM4sSuW/7TlrxGLOi+ghLFH9HL8zdQYSU1NmQSC8 >> v15QmJ+1LMBB/x6gct7yZRci8NtA6fjxK3tMMi9ocqeMES4ix1TA25eFrN+V9mtP >> 4K8SM3CJVf3cXTZK+99T9tnq2/raCsw5X57WXxjSZTGh/+F8k4O3pK8w16FJXfvM >> b2+VSGM+vzncYRH7QZFw >> =PFQz >> -----END PGP SIGNATURE----- >> > > > _______________________________________________ > Users mailing list > [email protected] <mailto:[email protected]> > https://lists.strongswan.org/mailman/listinfo/users > <https://lists.strongswan.org/mailman/listinfo/users> > > > > >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
