Issue #3183

kernel/strongSwan behaves irrationally when using charon.routing_table

Added by Noel Kuntze 25 days ago. Updated 21 days ago.

Status: Feedback
Priority: Normal
Assignee: -
Category: kernel
Affected version: 5.8.1
Resolution:

Description

When using charon.routing_table, either the kernel or strongSwan seems to actually use the first unused routing table number for its routing table, not the value of the setting. The routing table number increases with every restart of the daemon. E.g., first it's 1, then 2, then 3, and so on.
Verification that the table number isn't used yet is done by checking the output of ip route show table <number>.
If it returns nothing, the table was already used.
If the output is the following, then the routing table number wasn't used yet.

Error: ipv4: FIB table does not exist.
Dump terminated

I haven't found out yet how to delete a routing table so that the error message is printed.
The routing table isn't referenced in any rule, so something like garbage collection doesn't seem to be happening.

Kernel 5.2.14
strongSwan 5.8.1

History

#1 Updated by Tobias Brunner 25 days ago

  • Status changed from New to Feedback

What exactly did you configure? And what do you mean with "the routing table number increases with every restart of the daemon"? The setting is read and used as is by the kernel-netlink plugin.

> If it returns nothing, the table was already used.

Used in what way? At least on older kernels I don't get a result for whatever number I enter.

#2 Updated by Noel Kuntze 22 days ago

I configured

charon {
    routing_table = x
}

Where x is the routing table I actually want to use.

> And what do you mean with "the routing table number increases with every restart of the daemon"?

I mean literally what I wrote. The routing rule that charon installs first points to table 1. After a restart, it's table 2. Then 3. Then 4. And so on. Ad infinitum.

> Used in what way? At least on older kernels I don't get a result for whatever number I enter.

"used" as in "there ever was a route added to that table".

Linux ¯\_(ツ)_/¯

#3 Updated by Tobias Brunner 21 days ago

  • Category set to kernel

> Where x is the routing table I actually want to use.

Does it matter what x is? Does it also happen with the default of 220?

> I mean literally what I wrote. The routing rule that charon installs first points to table 1. After a restart, it's table 2. Then 3. Then 4. And so on. Ad infinitum.

I can't reproduce this (kernel version I used was 5.3.0). In our code the number is not modified, and the kernel has no reason to modify the number (it shouldn't care what routing table a rule points to).

> "used" as in "there ever was a route added to that table".

OK, but that should not have any effect on the rule installation anyway. It shouldn't matter to the kernel if the routing table a rule points to already has routes in it or not (or ever had or ever will).
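
Added example, not part of the issue thread or of strongSwan's code: a shell check that compares the charon.routing_table value in strongswan.conf text with the table that the routing rule at strongSwan's rule priority points to, which is the comparison the comments above turn on. The config fragment and `ip rule show` output are constructed samples, the function names are hypothetical, the priority of 220 assumes the default charon.routing_table_prio, and the parser ignores sections and included files.

```shell
#!/bin/sh
# Added example: compare configured charon.routing_table with the installed rule.

# Constructed strongswan.conf fragment, in the form quoted in comment #2.
SAMPLE_CONF='charon {
    routing_table = 220
}'

# Constructed sample of `ip rule show` output (not taken from the issue).
SAMPLE_RULES='0: from all lookup local
220: from all lookup 220
32766: from all lookup main
32767: from all lookup default'

# Read strongswan.conf text on stdin and print charon.routing_table.
# Prints 220, the default mentioned in the thread, when the key is absent.
configured_table() {
    awk -F= '/^[[:space:]]*routing_table[[:space:]]*=/ {
                 sub(/#.*/, "", $2); gsub(/[[:space:]]/, "", $2); v = $2 }
             END { print (v == "" ? 220 : v) }'
}

# Read `ip rule show` output on stdin and print the table named after
# "lookup" for every rule whose priority equals $1.
rule_tables_at_prio() {
    awk -v p="$1:" '$1 == p { for (i = 2; i < NF; i++)
                                  if ($i == "lookup") print $(i + 1) }'
}

# $1 = strongswan.conf text, $2 = `ip rule show` output,
# $3 = rule priority (assumed default of charon.routing_table_prio: 220).
check_rule() {
    want=$(printf '%s\n' "$1" | configured_table)
    got=$(printf '%s\n' "$2" | rule_tables_at_prio "${3:-220}" |
          sort -u | paste -sd, -)
    if [ -z "$got" ]; then
        echo "no-rule"
    elif [ "$got" = "$want" ]; then
        echo "match $want"
    else
        echo "mismatch configured=$want installed=$got"
    fi
}

# Demo on the constructed samples. On a live host pass the real inputs, e.g.
#   check_rule "$(cat /etc/strongswan.conf)" "$(ip rule show)"   # path varies
check_rule "$SAMPLE_CONF" "$SAMPLE_RULES"
```

Running it after each daemon restart and recording the result gives the per-restart evidence the thread asks for; IPv6 rules need `ip -6 rule show` as the second argument.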
