[Swan-dev] libreswan-git/klips doesn't remove old ip addresses from ipsec device
wolfgang at linogate.de
Wed May 7 17:33:40 EEST 2014
If the ip address of a dynamic base device changes the old ip address
will not removed even after an ipsec restart.
The problem was introduced with the
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Mar 28 19:05:56 2014 -0400
_stackmanager: optimize unloading stacks
With this change the ipsec modules won't be unloaded on stop.
Should it be part of the network scripts to care about an ip address
change and removing it from the ipsec device?
What is the recommend procedure that the network scripts have to do when
the ip address changed?
I think one simple solution were to flush the ip from ipsec after
clearing the eroutes or replacing the ip instead of adding id in the
More information about the Swan-dev