Red Hat Bugzilla – Bug 205923
New version of iproute broke vpnc-script
Last modified: 2007-11-30 17:11:42 EST
Description of problem:
The recent update to iproute-2.6.16-1.fc5 broke vpnc (more accurately, it broke
/etc/vpnc/vpnc-script). The new iproute adds a "hoplimit" value to the output of
"ip route get <ipsec_gw_address>". Because fix_ip_get_output doesn't know to
remove it (and it isn't a valid parameter to "ip route add"), the attempt to add
a route to the VPN concentrator fails with "Error: either "to" is duplicate, or
"hoplimit" is a garbage."
The fix is easy, just modify fix_ip_get_output to strip the hoplimit value.
Patch will be attached shortly.
Version-Release number of selected component (if applicable):
100% since updating to iproute-2.6.16-1.fc5.
Steps to Reproduce:
1. Update to iproute-2.6.16-1.fc5
2. Try to connect to a VPN concentrator
3. Enjoy not being able to pass any packets
Error adding route to VPN concentrator
Sucessful addition of route to VPN concentrator
Created attachment 135916 [details]
Patch to strip hoplimit from output of ip route get
Bug reproduces for me on two different VPN concentrators.
Reverted for now to iproute-2.6.15-1.2.
Just to confirm that vpnc-0.3.3-7.3 and newer iproute work fine together.
This is confirmation that vpnc-0.3.3-7.3 works properly on RHEL5 beta 1, whereas
-7.2 does not.