west:~#
 named
west:~#
 ifdown eth1
west:~#
 ifconfig eth1 inet 192.1.2.45 netmask 255.255.255.224 up
west:~#
 route add -net default gw 192.1.2.62
west:~#
 : try default route
west:~#
 ping -c 1 -n 192.1.2.62
PING 192.1.2.62 (192.1.2.62): 56 data bytes
64 bytes from 192.1.2.62: icmp_seq=0 ttl=257 time=999 ms

--- 192.1.2.62 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 3.1/4.5/9.26 ms
west:~#
 : try hitting east before doing IPsec
west:~#
 ping -c 1 -n 192.1.2.23
PING 192.1.2.23 (192.1.2.23): 56 data bytes
64 bytes from 192.1.2.23: icmp_seq=0 ttl=257 time=999 ms

--- 192.1.2.23 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 3.1/4.5/9.26 ms
west:~#
 ipsec setup start
ipsec_setup: Starting Openswan IPsec VERSION
west:~#
 /testing/pluto/bin/wait-until-pluto-started
west:~#
 ipsec auto --add us-to-anyone
west:~#
 ipsec auto --route us-to-anyone
west:~#
 ipsec auto --replace clear
west:~#
 ipsec whack --listen
002 listening for IKE messages
002 forgetting secrets
002 loading secrets from "/etc/ipsec.secrets"
002 loading group "/etc/ipsec.d/policies/clear"
west:~#
 ipsec auto --route clear
west:~#
 : check out if .23 has proper TXT record.
west:~#
 dig 23.2.1.192.in-addr.arpa. txt

; <<>> DiG VERSION<<>> 23.2.1.192.in-addr.arpa. txt
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;23.2.1.192.in-addr.arpa.	IN	TXT

;; ANSWER SECTION:
23.2.1.192.in-addr.arpa. 604800	IN	TXT	"X-IPsec-Server(10)=192.1.2.23" " AQN3cn11FrBVbZhWGwRnFDAf8O9FHBmBIyIvmvt0kfkI2UGDDq8k+vYgRkwBZDviLd1p3SkL30LzuV0rqG3vBriqaAUUGoCQ0UMgsuX+k01bROLsqGB1QNXYvYiPLsnoDhKd2Gx9MUMHEjwwEZeyskMT5k91jvoAZvdEkg+9h7urbJ+kRQ4e+IHkMUrreDGwGVptV/hYQVCD54RZep6xp5ymaKRCDgMpzWvlzO80fP7JDjSZf9LI/MMu6c+qwX" "IKnWoNha75IhFyLWniVczxK2RdhmMhLsi0kC0CoOwWDSIEOb+5zbECDjjud+SF5tT8qRCWnSomX8jtbCdZ50WraQlL"

;; Query time: 25 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: DATE
;; MSG SIZE  rcvd: SIZE

west:~#
 ipsec look
west NOW
192.0.1.0/24       -> 0.0.0.0/0          => %trap (0)
192.1.2.45/32      -> 192.0.2.0/24       => %pass (0)
192.1.2.45/32      -> 192.1.2.0/24       => %pass (0)
192.1.2.45/32      -> 192.1.2.129/32     => %pass (12)
192.1.2.45/32      -> 192.1.2.130/32     => %pass (4)
192.1.2.45/32      -> 192.1.2.254/32     => %pass (12)
ipsec0->eth1 mtu=16260(1500)->1500
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.1.2.62      0.0.0.0         UG        0 0          0 eth1
0.0.0.0         192.1.2.62      128.0.0.0       UG        0 0          0 ipsec0
128.0.0.0       192.1.2.62      128.0.0.0       UG        0 0          0 ipsec0
192.0.2.0       192.1.2.62      255.255.255.0   UG        0 0          0 ipsec0
192.1.2.0       192.1.2.62      255.255.255.0   UG        0 0          0 ipsec0
192.1.2.129     192.1.2.62      255.255.255.255 UGH       0 0          0 ipsec0
192.1.2.130     192.1.2.62      255.255.255.255 UGH       0 0          0 ipsec0
192.1.2.254     192.1.2.62      255.255.255.255 UGH       0 0          0 ipsec0
192.1.2.32      0.0.0.0         255.255.255.224 U         0 0          0 eth1
192.1.2.32      0.0.0.0         255.255.255.224 U         0 0          0 ipsec0
west:~#
 echo end
end
west:~#
 

west:~#
west:~#
 ipsec eroute
0          0.0.0.0/0          -> 0.0.0.0/0          => %trap
0          192.0.1.0/24       -> 0.0.0.0/0          => %trap
0          192.1.2.45/32      -> 192.0.2.0/24       => %pass
2          192.1.2.45/32      -> 192.1.2.0/24       => %pass
12         192.1.2.45/32      -> 192.1.2.129/32     => %pass
4          192.1.2.45/32      -> 192.1.2.130/32     => %pass
12         192.1.2.45/32      -> 192.1.2.254/32     => %pass

