On 6 dec 2005, at 06.14, Brian A. Seklecki wrote:
> OpenBSD requires that gateway A and gateway B have a default route
> declared!!!!
> *EVEN THOUGH ONE IS NOT REQUIRED IN THE LAB CONFIGURATION*
...
> So why in the world would a default gateway be required? A default
> gateway is only required to reach subnets for which routes do not
> exist.

There is a test pretty early in the routing code that checks 'is the
destination reachable?', i.e. do we have a route to the destination
IP? If not then there's no need to process this packet further, that
would just be a waste of time. Currently the above test only looks at
IP routes, and it needs to be extended to also check for IPsec SPD
(flows), if such are present.

The default route matches all destinations, so it will work as a
catch-all. However you only require a route to the actual network you
are tunneling to.

I started to look at this a while ago, but either got sidetracked
or ran into problems. I can't remember which at the moment. I'll have
to look at it again.

/H
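
The reachability test described in this message, modelled as an added example that is not part of the original post and is not OpenBSD kernel code. The function names, the `check_flows` switch, and the lab addresses are all assumptions made up for illustration; it shows why a default route or a route to the remote network lets the packet reach IPsec, and what a flow-aware test would change.

```python
# Toy model of the early "is the destination reachable?" test (hypothetical names).
from ipaddress import ip_address, ip_network

def has_route(routes, dst):
    """True if any routing-table entry covers dst (0.0.0.0/0 covers everything)."""
    return any(ip_address(dst) in ip_network(r) for r in routes)

def matching_flow(flows, src, dst):
    """Return the first IPsec flow (src_net, dst_net) matching the packet, else None."""
    for src_net, dst_net in flows:
        if ip_address(src) in ip_network(src_net) and ip_address(dst) in ip_network(dst_net):
            return (src_net, dst_net)
    return None

def forward(routes, flows, src, dst, check_flows=False):
    """check_flows=False: the test looks at IP routes only (behaviour in the message).
    check_flows=True: the test also accepts a matching SPD flow (the proposed extension)."""
    reachable = has_route(routes, dst)
    if not reachable and check_flows:
        reachable = matching_flow(flows, src, dst) is not None
    if not reachable:
        return "dropped: no route"      # packet never gets as far as IPsec
    if matching_flow(flows, src, dst):
        return "ipsec tunnel"           # assumed: flows are applied after the test
    return "forwarded in clear"

# Constructed lab values: gateway A with its LAN, a link to gateway B, one flow.
LAB_ROUTES = ["192.168.1.0/24", "10.0.0.0/30"]
LAB_FLOWS = [("192.168.1.0/24", "192.168.2.0/24")]
SRC, DST = "192.168.1.10", "192.168.2.20"

def demo():
    """Run the same packet through four routing-table variants."""
    return {
        "no_route": forward(LAB_ROUTES, LAB_FLOWS, SRC, DST),
        "default_route": forward(LAB_ROUTES + ["0.0.0.0/0"], LAB_FLOWS, SRC, DST),
        "specific_route": forward(LAB_ROUTES + ["192.168.2.0/24"], LAB_FLOWS, SRC, DST),
        "flow_aware_test": forward(LAB_ROUTES, LAB_FLOWS, SRC, DST, check_flows=True),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:16} -> {result}")
```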