File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / ikev2 / dhcp-static-mac / description.txt
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Wed Jun 3 09:46:47 2020 UTC (4 years, 5 months ago) by misho
Branches: strongswan, MAIN
CVS tags: v5_9_2p0, v5_8_4p7, HEAD
Strongswan

The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each to gateway <b>moon</b>
and request a <b>virtual IP</b> via the IKEv2 configuration payload by using the <b>leftsourceip=%config</b>
parameter. The <b>dhcp</b> plugin on gateway <b>moon</b> then requests an IP address and DNS/WINS server
information from DHCP server <b>venus</b> using the DHCP protocol. The IP addresses are assigned statically 
by <b>venus</b> based on the user-defined MAC address derived by the <b>dhcp</b> plugin from a hash over
the client identity. This deterministic MAC generation is activated with the strongswan.conf setting
<b>charon.plugins.dhcp.identity_lease = yes</b>.
<p/> 
With the static assignment of 10.1.0.30 and 10.1.0.40, respectively, <b>carol</b> and <b>dave</b>
become full members of the subnet 10.1.0.0/16 hidden behind gateway <b>moon</b>. And this thanks to
the <b>farp</b> plugin through which <b>moon</b> acts as a proxy for ARP requests e.g. from <b>alice</b>
who wants to ping <b>carol</b> and <b>dave</b>. 

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>