[Swan] leftsourceip functionality with libreswan-3.0

Paul Wouters pwouters at redhat.com
Sun Jan 6 00:30:40 EET 2013 

On Sat, 5 Jan 2013, Philippe Vouters wrote:

>          leftsourceip=192.168.1.2

> After the ping action above on the laptop, I now read these routes on my 
> desktop (192.168.1.2):
>
> [philippe at victor ~]$ route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 0.0.0.0         192.168.1.1     0.0.0.0         UG    0 0        0 eth0
> 169.254.0.0     0.0.0.0         255.255.0.0     U     1002 0        0 eth0
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0 0        0 eth0
> 192.168.2.101   192.168.1.1     255.255.255.255 UGH   0 0        0 eth0

Note that "route -n" does not show you the full information, for
instance it does not show you which source ip would be used for a
specific route. It is much better to use "ip route show" (or the shorter
form "ip ro"

This shows you the source ip used as well, which is quite relevant to
this type of question with leftsourceip=

In the routing table below you can see my vpn to 10/8 is up and that
for reaching it, I am using the (cisco assigned obtained via XAUTH
source ip of 10.10.51.245)

Paul


# ip r
default via 76.10.157.65 dev virbr0 
10.0.0.0/8 via 76.10.157.65 dev virbr0  src 10.10.51.245 
76.10.157.64/28 dev virbr0  proto kernel  scope link  src 76.10.157.69 
169.254.0.0/16 dev eth0  scope link  metric 1002 
169.254.0.0/16 dev virbr0  scope link  metric 1003 
192.0.1.0/24 dev swan01  proto kernel  scope link  src 192.0.1.127 
192.0.2.0/24 dev swan02  proto kernel  scope link  src 192.0.2.127 
192.1.2.0/24 dev swan12  proto kernel  scope link  src 192.1.2.254 
192.1.3.0/24 dev swan13  proto kernel  scope link  src 192.1.3.254 
192.1.4.0/24 dev swan14  proto kernel  scope link  src 192.1.4.253 
192.9.2.0/24 dev swan92  proto kernel  scope link  src 192.9.2.253 
192.9.4.0/24 dev swan94  proto kernel  scope link  src 192.9.4.253 
192.168.7.0/24 dev virbr2  proto kernel  scope link  src 192.168.7.1 
192.168.200.0/24 dev virbr3  proto kernel  scope link  src 192.168.200.1 
192.168.234.0/24 dev virbr1  proto kernel  scope link  src 192.168.234.1 
206.248.154.103 dev ppp0  proto kernel  scope link  src 206.248.185.158

More information about the Swan mailing list