[Swan-commit] Changes to ref refs/heads/master
Antony Antony
antony at vault.libreswan.fi
Fri Oct 11 11:45:41 UTC 2019
New commits:
commit c292bc1fcc71e0bee0586f46a1e276058290f532
Merge: 885156f cdc57cb
Author: Antony Antony <antony at phenome.org>
Date: Fri Oct 11 11:28:30 2019 +0000
Merge branch 'addrsspool6'
This is mostly server support for IPv6 addrsspool
client support is partial, it need updown script support for v6.
an example of server side config
conn east
left=%any
right=2001:db8:1:2::23
leftid=%any
rightid=@east
leftaddresspool=2001:db8:0:3:1::/97
rightsubnet=2001:db8:0:2::/64
narrowing=yes
hostaddrfamily=ipv6
clientaddrfamily=ipv6
ERROR on Client after the connection come up, missing source address and route
missing support for up-client-v6 addsource()
ping6 -c 2 -w 5 -I 2001:db8:0:3:1::0 2001:db8:0:2::254
ping: bind icmp socket: Cannot assign requested address
commit cdc57cba0810c42b46ed1f908cb1502787ab71b8
Author: Antony Antony <antony at phenome.org>
Date: Wed Oct 9 16:45:41 2019 +0000
testing: addresspool6 tests
commit 63d1c99cee360fa1b39fc68e4d21f334fb484eab
Author: Antony Antony <antony at phenome.org>
Date: Thu Oct 10 09:13:54 2019 +0000
addresspool: initial support for IPv6 addresspool
allow ipv6 addresspool
conn v6pool
leftaddresspool=2001:db8:0:3:1::/97
* pool range is specified as subnet
* allowed prefix length /96 to /128
* /96 accepted with a WARNING, truncate pool size to 2^32-1, one less than 4B
* IKEv2 only support initially.
* as a client updown do not support up-client-v6 ie. addsource() is not called
commit fe4b2b29aabc8d0494f1b4c5358931fa66068e71
Author: Antony Antony <antony at phenome.org>
Date: Thu Oct 10 09:13:07 2019 +0000
ip: ttorange allow ipv6 also
only allow prefix length /96 - /128
commit 53aab68ddf8fce2621b18feca55354ca753ccdee
Author: Antony Antony <antony at phenome.org>
Date: Thu Oct 10 09:11:45 2019 +0000
ip: address ntohl_address return bytes 12-16 uint32_t for IPv6
IPv6 use the last 32 bits as index for addresspool.
More information about the Swan-commit
mailing list