On 01/04/2021 14:58, Mark Gray wrote: > When configuring IPsec, "ovs-monitor-ipsec" honours > the 'local_ip' option in the 'Interface' table by configuring > the 'left' side of the Libreswan connection with 'local_ip'. > If 'local_ip' is not specified, "ovs-monitor-ipsec" sets > 'left' to '%defaultroute' which is interpreted as the IP > address of the default gateway interface. > > However, when 'remote_ip' is an IPv6 address, Libreswan > still interprets '%defaultroute' as the IPv4 address on the > default gateway interface (see: > https://github.com/libreswan/libreswan/issues/416) giving > an "address family inconsistency" error. > > This patch resolves this issue by specifying the > connection as IPv6 when the 'remote_ip' is IPv6 and > 'local_ip' has not been set. > > Fixes: 22c5eafb6efa ("ipsec: reintroduce IPsec support for tunneling") > Signed-off-by: Mark Gray <[email protected]> > Acked-by: Flavio Leitner <[email protected]> > Acked-by: Aaron Conole <[email protected]> > Acked-by: Eelco Chaudron <[email protected]> > ---
FYI, I think this should be back-ported as it fixes a bug in IPsec. The others update the test framework and probably don't need to be. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
