On Sat, Jul 23, 2011 at 04:38:00PM +0200, csszep wrote:
Hello!
Openswan with klips stack use ipsec* interface which is configured to the same ip address as the physical interface.
If i use the direct protocol and starting ipsec daemon the physical interface's connected route disappears. If i stopping ipsec daemon any connected route is missing from direct protocol.
Yes, there is a bug in BIRD direct protocol. Simplest workaround is to limit the direct protocol on non-IPSec ifaces: protocol direct { interface -"ipsec*", "*"; } But generally, there would be probably more problems with that setting in BIRD, as BIRD generally assumes that address prefixes are unique. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."