Error while Setting up IPsec in 2 vimages

Bjoern A. Zeeb bz at
Fri Jun 4 21:46:18 UTC 2010

On Fri, 4 Jun 2010, Yin, Kwong-Sang wrote:

> I'm currently using FreeBSD 8.0 Stable and below I created 2 vimages. I'm trying to setup tunnel mode IPsec using racoon for each vimage but got error message for the vimage e0_n1.
> [root at er2 /home/kwong]# vimage -c e0_n0
> [root at er2 /home/kwong]# vimage e0_n0 ifconfig gif0 create
> [root at er2 /home/kwong]# vimage -c e0_n1
> [root at er2 /home/kwong]# vimage e0_n1 ifconfig gif0 create
> ifconfig: SIOCIFCREATE2: File exists
> But when I checked, gif0 is only in vimage e0_n0.

You get an error when creating the 2mf gif interface.  None but
if_loop cloners are currently virtualized in a way that you can create
overlapping interface names between vnets.

I am have a prototype to fix the infrastructure rather than each
driver but it needs a bit of cleanup still.

You may want to create gif0 and a gif1 meanwhile; that should work.


PS: for tunnel mode IPsec you do not need gif tunnels at all.  You can
just setup ipsec.  If you need interfaces over ipsec for link state
protocols like OSPF you would want to configure transport mode for the
gif-tunnel endpoints and only protect those (the gif tunnel) and then
use routes.

Bjoern A. Zeeb      I will let you know once I escaped from my bird cage
and learnt to fly again.            -- Ottawa, ON, Canada, 21st May 2010

More information about the freebsd-virtualization mailing list