On 9/20/19 9:57 AM, Ben Greear wrote: > On 9/10/19 6:08 PM, Ben Greear wrote: >> On 9/10/19 3:17 PM, Ben Greear wrote: >>> Today we were testing creating 200 virtual station vdevs on ath9k, >>> and using >>> VRF for the routing. >> >> Looks like the same issue happens w/out VRF, but there I have oodles >> of routing >> rules, so it is an area ripe for failure. >> >> Will upgrade to 5.2.14+ and retest, and try 4.20 as well.... > > Turns out, this was ipsec (strongswan) inserting a rule that pointed to > a table > that we then used for a vrf w/out realizing the rule was added. > > Stopping strongswan and/or reconfiguring how routing tables are assigned > resolved the issue. >
Hi Ben: Since you are the pioneer with vrf and ipsec, can you add an ipsec section with some notes to Documentation/networking/vrf.txt?
