Bug 215480

Summary: Bad openswan interaction with recent pppd.
Product: [Fedora] Fedora Reporter: Marek Greško <gresko>
Component: openswanAssignee: Steve Conklin <sconklin>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-01-04 16:54:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Marek Greško 2006-11-14 10:13:55 UTC 
Description of problem:
nexthop=%defaultroute does not work with ppp connection since fc6.
The problem is related to feature (or bug) of pppd that does not fill default
gateway address in the default route line.

Paul Wouters created a patch to openswan that will go into openswan 2.4.7
release. I would appreciate this patch into fedora openswan package.

Version-Release number of selected component (if applicable):
openswan-2.4.5-2.1


How reproducible:
Always.

Steps to Reproduce:
1. Bring up ppp connection.
2. Bring up ipsec tunnel with ?nexthop=%defaultroute
3. IPsec tunnel will not come up
  
Actual results:
IPsec tunnel does no come up.

Expected results:
IPsec tunnel comes up.

Additional info:
The patch consist of editing the file /usr/lib/ipsec/_startklips.
The lines (at line 156):
                        if test " $2" != " 0.0.0.0"
                        then
                                echo "defaultroutenexthop=$2"
                        fi
should be changed to:
                        if test " $2" != " 0.0.0.0"
                        then
                                echo "defaultroutenexthop=$2"
                        else
                                echo "defaultroutenexthop=%direct"
                        fi
Comment 1 Paul Wouters 2007-10-19 19:17:36 UTC 
There is actually no reason why FC6 is not running the same openswan rpm as F-7.
The 2.4.x release is in bugfix/maintenance release only. 2.4.9 is out, and
2.4.10 will be out shortly (the last releases in the 2.4.x series)
Comment 2 Steve Conklin 2008-01-04 16:54:03 UTC 
Fedora 6 has reached end of life. This issue is resolved in later releases.