[Swan] Is left=victor.vouters.dyndns.org actually invalid ????

Paul Wouters paul at nohats.ca
Mon Jan 7 19:43:27 EET 2013


On Mon, 7 Jan 2013, Philippe Vouters wrote:

> left=victor.vouters.dyndns.org is treated by confread as KH_IPHOSTNAME   = 7, 
> /* host_addr invalid, only string */

> Why it excludes a call to
> er = ttoaddr(end->strings[KSCF_IP], 0, family, &(end->addr));
> remains a mystery for me !!!!

We cannot just resolve the name to an IP, because then 3 hours later we
would still think that right= lives on that IP, but it might have changed
its IP. This is common for dyndns.org setups where IPsec gateways are
on dynamic IP dsl/cable connections.

So, we need to remember that we used a (DNS) name, but we need to load
the IP address into pluto.

That is why we have KH_IPHOSTNAME.

Paul


More information about the Swan mailing list