Red Hat Bugzilla – Bug 14956
/etc/cipe/options is misleading
Last modified: 2008-05-01 11:37:57 EDT
The stock /etc/cipe/options reads as follows:
# The static key. Keep this file secret!
# The key is 128 bits in hexadecimal notation.
# You shouldn't have to modify anything past this point.
# The peer's IP address.
# Our CIPE device's IP address.
[ ... ]
This is highly misleading. If you don't define ptpaddr and ipaddr, ciped
process won't even
start properly. 'me' and 'peer', on the other hand, can be ignored (due to
way ciped is started).
Please move the comment line down like 5-10 lines, depending on how crucial
you feel maxerr definition is. For server-server VPN links setting it to
-1 would be helpful (ciped won't quit even after a lot of invalid packets
Perhaps it would be good to change the defaults of ptpaddr and ipaddr to
IP address space, like 10.0.0.1 and 10.0.0.2? Or, something rarer like
172.16.100.1 and 172.16.100.2.
cipe-1.3.0-10 will include the ability to set IPADDR and PTPADDR values in the
sysconfig file, and the init script will pick them up (or not) depending on
whether or not they are defined.