[Swan-dev] ikev2-allow-narrow-08-2conns issue with connection instantiation
Paul Wouters
paul at nohats.ca
Fri Nov 30 17:13:30 UTC 2018
Looking at ikev2-allow-narrow-08-2conns it seems our narrowing code is
not properly instantiating connections.
It shows up on east as two connections, both connname[1]
It re-used the same reqid, so we do not have two full sets of in/out/fwd
xfrm policies. Traffic is mixed up between the two Child SA's that use
different protoports.
My guess is the core problem is the connection not fully instantiating,
which should also cause a new reqid to be generated for it.
Paul
More information about the Swan-dev
mailing list