[Swan-dev] Libreswan 5.0 RC1 IPv6 ULA not accepted
Paul Wouters
paul at nohats.ca
Mon Jan 15 21:26:13 EET 2024
On Mon, 15 Jan 2024, Tuomo Soini wrote:
> On Mon, 15 Jan 2024 13:23:58 -0500
> Bill Atwood <williamatwood41 at gmail.com> wrote:
>
>> Here is the result of the status command, on Ritchie (running 5.0
>> RC1):
>>
>> dev at Ritchie:~$ sudo ipsec status | grep interface
>> [sudo] password for dev:
>> using kernel interface: xfrm
>> interface lo UDP [::1]:4500
>> interface lo UDP [::1]:500
>> interface lo UDP 127.0.0.1:4500
>> interface lo UDP 127.0.0.1:500
>> interface enp4s0 UDP 132.205.9.46:4500
>> interface enp4s0 UDP 132.205.9.46:500
>> interface enp5s4 UDP 132.205.9.50:4500
>> interface enp5s4 UDP 132.205.9.50:500
>> interface enp5s5 UDP 132.205.9.53:4500
>> interface enp5s5 UDP 132.205.9.53:500
>> interface virbr0 UDP 192.168.123.1:4500
>> interface virbr0 UDP 192.168.123.1:500
>> "RITA6c": conn_prio: 128,128; interface: ; metric: 0; mtu: unset;
>> sa_prio:auto; sa_tfc:none;
>> dev at Ritchie:~$
>
> Is this directly from bootup of the machine?
>
> Reason could be your network configuration. Libreswan requires
> network-online.target before startup. But if you don't have setting for
> IPV6 address to be required on your interface, network-online.target
> finisheds before you have IPv6 address on the interface and so there is
> no ipv6 address when libreswan starts, yet.
You can confirm if this is the case by issuing:
sudo ipsec whack --listen
sudo ipsec status | grep interface
More information about the Swan-dev
mailing list