[Swan] Duplicate ip xfrm state entries, unconfigured ip xfrm state entries
Paul Wouters
paul at nohats.ca
Wed Oct 24 07:47:05 UTC 2018
On Tue, 23 Oct 2018, Craig Marker wrote:
> I use —route because it creates the VTI and allows routes to be added through the VTI before a connection has been established. Though I don’t want ondemand causing acquires for everything. Is there a way to ensure the VTI is created without using ondemand? Relying on the updown script to add routes after the fact is an unacceptable solution.
You can add a call to addvti to case prepare-host|prepare-client) in
_updown.netkey
Although I don't understand why the current solution is "unacceptable"
for you.
Paul
More information about the Swan
mailing list