[Swan-dev] addresspool and handing out network/broadcast addresses

Paul Wouters paul at nohats.ca
Fri May 2 21:20:21 EEST 2014

Previous message: [Swan-dev] Is it possible to have multiple roaming user to connect with one IPSec server using certificate in ikev2 mode for libreswan
Next message: [Swan-dev] addresspool and handing out network/broadcast addresses
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

One of the test cases showed an issue with binding a received address
from the addresspool by an XAUTH client. It turned out it was 192.0.2.0.

I would suggest that if an addresspool is defined that includes
a.b.c.0/32 that we actually skip that address and not hand it out.

And do the same with a.b.c.255/32

Paul

Previous message: [Swan-dev] Is it possible to have multiple roaming user to connect with one IPSec server using certificate in ikev2 mode for libreswan
Next message: [Swan-dev] addresspool and handing out network/broadcast addresses
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Swan-dev mailing list