east:~#
 set -u
east:~#
 route delete -net 192.0.1.0 netmask 255.255.255.0
east:~#
 route delete -net default
east:~#
 route add -net default gw 192.1.2.45
east:~#
 named
east:~#
 dig sunrise-oe.uml.freeswan.org a

; <<>> DiG VERSION<<>> sunrise-oe.uml.freeswan.org a
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;sunrise-oe.uml.freeswan.org.	IN	A

;; ANSWER SECTION:
sunrise-oe.uml.freeswan.org. 604800 IN	A	192.0.2.2

;; Query time: 25 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: DATE
;; MSG SIZE  rcvd: SIZE

east:~#
 netstat -rne
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.9.2.0       0.0.0.0         255.255.255.0   U     0      0        0 eth2
192.1.2.0       0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.0.2.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         192.1.2.45      0.0.0.0         UG    0      0        0 eth1
east:~#
 ipsec setup start
ipsec_setup: Starting Libreswan IPsec VERSION
east:~#
east:~#
 ipsec eroute
0          0.0.0.0/0          -> 0.0.0.0/0          => %trap
east:~#
east:~#
 echo DONE
DONE
east:~#
 

east:~#
 : show bare shunts in a canonical order
east:~#
 ipsec auto --status | grep '=>' | sort
000 192.0.2.1/32:0 -0-> 192.0.1.10/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.11/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.12/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.13/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.14/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.15/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.16/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.17/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.18/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.19/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.20/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.21/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.22/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.23/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.24/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.25/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.26/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.27/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.28/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.29/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.30/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.31/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.32/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.33/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.34/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
000 192.0.2.1/32:0 -0-> 192.0.1.35/32:0 => %pass 0,0    our client's TXT record: RR of type TXT for 1.2.0.192.in-addr.arpa. was not found (tried CNAMEs)
east:~#

