[IPv6] [VPNaaS] Remove obsolete --defaultroutenexthop for ipsec addconn command
Bug #1436864 reported by
venkata anil
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Expired
|
Undecided
|
Unassigned |
Bug Description
To load the connection into pluto daemon, neutron is calling ipsec addconn command.
When ipv6 address is passed for --defaultrouten
'ipsec', 'addconn', '--defaultroute
we are getting following error
ignoring invalid defaultnexthop: non-ipv6 address may not contain `:'
As --defaultrouten
Changed in neutron: | |
assignee: | nobody → venkata anil (anil-venkata) |
tags: | added: vpnaas |
Changed in neutron: | |
assignee: | venkata anil (anil-venkata) → nobody |
To post a comment you must log in.
I see that it is indicated that the --defaultrouten exthop is obsolete for Libreswan. I guess this was tested on Fedora. Since OpenStack officially supports OpenSwan and not LibreSwan, two things should be done.
First, we should determine whether or not this problem exists for OpenSwan and, if so, fix it under this bug.
Second, a bug should be created for adding LibreSwan support (under Fedora) for OpenStack. The driver can be derived (subclassed) from the OpenSwan driver and can then provide the above fix as well.
In general, IPv6 support by the various VPN device drivers, should be tested/verified.