❦ 11 novembre 2017 23:44 -0600, Chris Stein <bksteiny@gmail.com> :
Individually, bird is able to establish a session on both tunnels at every remote VPC, so I know that works. Occasionally, I have noticed that established connections will disconnect with a “Hold timer expired”. There’s something I’m missing/overlooking in the config to allow all sessions to be active.
I think BIRD is receiving a remote route that would replace the route used to reach the neighbor. Are you using route-based tunnels (with VTI interfaces)? If yes, "ip route show" output would help to understand. Otherwise, "ip xfrm policy" would help. If you want a working setup similar to yours (a tad more complex since it involves multiple routing tables), here is one: https://vincent.bernat.im/en/blog/2017-route-based-vpn -- Use self-identifying input. Allow defaults. Echo both on output. - The Elements of Programming Style (Kernighan & Plauger)