[ovs-dev] [PATCH v2 3/5] ipsec: IPv6 default route support for Libreswan
aconole at redhat.com
Wed Mar 31 13:30:57 UTC 2021
Mark Gray <mark.d.gray at redhat.com> writes:
> When configuring IPsec, "ovs-monitor-ipsec" honours
> the 'local_ip' option in the 'Interface' table by configuring
> the 'left' side of the Libreswan connection with 'local_ip'.
> If 'local_ip' is not specified, "ovs-monitor-ipsec" sets
> 'left' to '%defaultroute' which is interpreted as the IP
> address of the default gateway interface.
> However, when 'remote_ip' is an IPv6 address, Libreswan
> still interprets '%defaultroute' as the IPv4 address on the
> default gateway interface (see:
> https://github.com/libreswan/libreswan/issues/416) giving
> an "address family inconsistency" error.
> This patch resolves this issue by specifying the
> connection as IPv6 when the 'remote_ip' is IPv6 and
> 'local_ip' has not been set.
> Signed-off-by: Mark Gray <mark.d.gray at redhat.com>
Acked-by: Aaron Conole <aconole at redhat.com>
More information about the dev