bird and ipsec (strongswan) routes
Brian C. Hill
bchill at bch.net
Wed Nov 20 06:35:53 CET 2024
Hello,
I want to use bird to mutually propagate routes throughout several sites
connected with vpn gateways, probably with ospf.
e.g. site A net(s) <-> site A vpn gateway <-> vpn 'concentrator'
<-> site B vpn gateway <-> hosts site B net(s), etc..
I couldn't find many posts about the best strategy to use, and the ones
did find are many years old, but it seems to boil down to these options:
• use a script to migrate xfrm route table (220) to a bird-readable
table
• use static routes inside bird
• use vti instead of xfrm
My questions:
1) Is it sill the case that bird cannot read directly from the xfrm
table? (I tried this with a pipe config but nothing gets imported)
2) What is the strategy that most of you are using now? (as opposed to
many years ago)
Thanks!
Brian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20241119/ee9499e7/attachment.htm>
More information about the Bird-users
mailing list