[Swan-dev] overlapping address pools
D. Hugh Redelmeier
hugh at mimosa.com
Tue Apr 22 03:55:10 EEST 2014
| From: Antony Antony <antony at phenome.org>
| Also I
| realized if I really want I can take a single address from an
| addresspool and configure it as /32 leftsubnet. The proposed partial
| overlap check will not prohibit that:)
True. But if you take a /32 that conflicts with a leased /32, there
will be a routing clash that probably causes obscure error messages.
We should probably object to conns that use addresses (subnets) that
cover addresses in a pool.
| Libreswan assigns from a user configured addresspool. So I think
| addresspool and subnet assignments are similar.
There is a time-honoured rule for overlapping but not identical
subnets. We have no rule for overlapping but not identical ranges;
mayhem ensues.
| Any way, lets agree that a partial overlap between addresspools will be
| rejected. I will make the change.
Thanks.
More information about the Swan-dev
mailing list