The behaviour is quite different depending on what is done. In my case another API key (not the one my application uses) should be deleted and fails, the service restarts afterwards and the config is still the same. Is there something like a hot reload missing? Also, if the API-server dies without restart (had that case several times, would have to find out, which command does that) even a change using cli did not recover the service.
Nov 25 2022
May 2 2022
Done some further research about rt_netlink and charon relationship. As described in the docs of Strongswan the option charon.process_route = no helps and is a good workaround if the destination is always reachable over a known specific interface (i think it can be an issue if wan load-balancing etc. is used).
Aug 25 2021
Mar 16 2020
In which version FRR has been upgraded to 7.3?
Mar 7 2019
Tested this now using snapshot vyos-1.2.0-rolling+201903070337 and my usecase with OSPF via OpenVPN-Site-to-Site tunnels. Built up test setup using two vpn endpoints connected via a router (w/o firewall).
Jan 29 2019
Confirmed working again (using rolling from 2019-01-29). Thank you for verification.
Jan 24 2019
Jan 7 2019
This may be also an issue for openvpn site-to-site tunnels. This shows in route list as follows: