If racoon is bound to a virtual interface (i.e. eth0:0), it can
send packets with the wrong source address.
It seems the problem lies within sendfromto. For IPv4
it sets PKTINFO on the packet. In the packet info it sets
ipi_addr (to the source ip) and ifindex (to 0). The kernel
ignores ipi_addr though so the packet gets sent with the ip
address of the eth0 interface.
Since racoon seems to call bind() on its sockets, cutting out
the setting of the cmsg and pktinfo stuff fixes the problem.
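
The following is an added example, not racoon's code and not part of the original report. On Linux, ip(7) documents that sendmsg() takes the source address from the ipi_spec_dst field of IP_PKTINFO, while ipi_addr is only filled in on receive, which matches the behaviour described above. The function names set_pktinfo_source and send_from are hypothetical.

```c
#define _GNU_SOURCE           /* struct in_pktinfo on older glibc */
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>

/* Attach an IP_PKTINFO control message asking the Linux kernel to send
 * from `src`. cbuf must hold CMSG_SPACE(sizeof(struct in_pktinfo)) bytes.
 * Returns 0 on success, -1 if the buffer is too small. */
int set_pktinfo_source(struct msghdr *msg, void *cbuf, size_t cbuflen,
                       struct in_addr src)
{
    struct in_pktinfo pi;
    struct cmsghdr *cm;

    if (cbuflen < CMSG_SPACE(sizeof(pi)))
        return -1;
    memset(cbuf, 0, cbuflen);
    msg->msg_control = cbuf;
    msg->msg_controllen = CMSG_SPACE(sizeof(pi));
    cm = CMSG_FIRSTHDR(msg);
    cm->cmsg_level = IPPROTO_IP;
    cm->cmsg_type = IP_PKTINFO;
    cm->cmsg_len = CMSG_LEN(sizeof(pi));

    memset(&pi, 0, sizeof(pi));
    pi.ipi_ifindex = 0;      /* 0: let routing pick the outgoing interface */
    pi.ipi_spec_dst = src;   /* the field sendmsg() reads for the source */
    /* pi.ipi_addr stays zero: filled on receive, not used on send */
    memcpy(CMSG_DATA(cm), &pi, sizeof(pi));
    return 0;
}

/* Send one UDP datagram from `src` to `dst`; returns sendmsg()'s result. */
ssize_t send_from(int fd, struct in_addr src, const struct sockaddr_in *dst,
                  const void *buf, size_t len)
{
    union { char b[CMSG_SPACE(sizeof(struct in_pktinfo))]; struct cmsghdr a; } c;
    struct iovec iov = { (void *)buf, len };
    struct msghdr msg;

    memset(&msg, 0, sizeof(msg));
    msg.msg_name = (void *)dst;
    msg.msg_namelen = sizeof(*dst);
    msg.msg_iov = &iov;
    msg.msg_iovlen = 1;
    if (set_pktinfo_source(&msg, c.b, sizeof(c.b), src) != 0)
        return -1;
    return sendmsg(fd, &msg, 0);
}
```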