Bug 1957778

Summary: a running libreswan should find a way to know when a default route has been added/changed
Product: Red Hat Enterprise Linux 8
Component: libreswan
Version: 8.3
Hardware: All
OS: Linux
Status: NEW
Severity: high
Priority: medium
Target Milestone: beta
Keywords: Triaged
Type: Bug
Reporter: Mai Ling <mailinglists35>
Assignee: Daiki Ueno <dueno>
QA Contact: Ondrej Moriš <omoris>
CC: omoris

Description Mai Ling 2021-05-06 13:08:34 UTC
Description of problem:
If at the service start time there is no default route, later on when a default route is added the service is unable to bring up a connection, showing the error message "We cannot identify ourselves with either end of this connection. XX.XX.XX.XX or 0.0.0.0 are not usable"

Version-Release number of selected component (if applicable):


How reproducible:

always

Steps to Reproduce:
1. configure network without a gateway
2. start libreswan
3. add default gateway
4. ipsec auto --up conn

Actual results:
https://access.redhat.com/solutions/3610301

Expected results:
find a way to know there is a default route and automatically bring up connections that are marked `auto` or `route` in the config file

Additional info:
workaround is to write a script to check for this condition and restart libreswan, and install it as a service to monitor libreswan service

strongswan does manage to get itself informed about such changes
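
The workaround described in the report, as an added example that is not part of the original bug report or of libreswan: a watchdog that follows `ip -4 monitor route` and restarts the service when a default route appears after a period without one. It assumes libreswan runs as the `ipsec` systemd unit and that the watchdog is started together with it; the function names and the `--watch` argument are hypothetical.

```shell
#!/bin/sh
# Added example: default-route watchdog for the workaround in the report.
# Assumptions: libreswan runs as the "ipsec" systemd unit and this script
# starts together with it. Function names are hypothetical.

RESTART_CMD="${RESTART_CMD:-systemctl restart ipsec}"

# Return 0 when a line printed by `ip monitor route` announces a default
# route being added or replaced. Removals carry a "Deleted " prefix.
is_default_route_event() {
    case "$1" in
        default|default\ *) return 0 ;;
        *) return 1 ;;
    esac
}

# Read monitor lines on stdin. $1 is 1 if a default route already existed
# when libreswan started, else 0. Restart only when a default route shows
# up after a period without one, and print the restart count at EOF.
process_events() {
    have_default="$1"
    restarts=0
    while IFS= read -r line; do
        case "$line" in
            "Deleted default"*) have_default=0; continue ;;
        esac
        if is_default_route_event "$line"; then
            if [ "$have_default" -eq 0 ]; then
                $RESTART_CMD </dev/null >/dev/null 2>&1 || true
                restarts=$((restarts + 1))
            fi
            have_default=1
        fi
    done
    echo "$restarts"
}

watch_default_route() {
    if [ -n "$(ip -4 route show default)" ]; then initial=1; else initial=0; fi
    ip -4 monitor route | process_events "$initial"
}

# Run the blocking monitor only when asked to, e.g. from a systemd unit.
if [ "${1:-}" = "--watch" ]; then
    watch_default_route
fi
```

On a host with several default routes, removing one of them also clears the tracked state, so the next default-route addition triggers a restart even though another default route was still present.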