[Swan] Failover struggles
Paul Wouters
paul at nohats.ca
Thu Nov 30 14:14:35 UTC 2017
On Fri, 24 Nov 2017, John Crisp wrote:
> conn LibreToDHCP
> leftcert="LibreBackup"
> rightcert="Endian"
> auto=add
> left=%defaultroute
> leftid=%fromcert
> leftsourceip=192.168.100.1
> leftsubnet=192.168.100.0/24
> right=%any
> rightid=%fromcert
> rightsubnet=192.168.101.0/24
> conn LibreToMain
> leftcert="LibreMain"
> rightcert="Endian"
> auto=add
> left=%defaultroute
> leftid=%fromcert
> leftsourceip=192.168.100.1
> leftsubnet=192.168.100.0/24
> right=1.2.3.4
> rightid=%fromcert
> rightsubnet=192.168.101.0/24
The issue here is that LibreToDHCP overlaps with LibreToMain because one
has right=1.2.3.4 and the other has right=%any. But the ID's used
are the same on both connections. Why can you not _only_ use the
LibreToDHCP connection, since 1.2.3.4 can also be "any". That way, the
connection will see a second attempt as replacing the existing
connection, and you won't get "eroute already in use".
Paul
More information about the Swan
mailing list