On Tue, Jun 12, 2018 at 2:35 PM Patrick Lamaiziere <patf...@davenulle.org>
wrote:
> Hello,
>
> I'm trying Bird 2 on FreeBSD 11.2 using tcp md5 signature for BGP
> connections.
>
> Bird2 has an option to set the needed ipsec SA/SP but here this does
> not work.
>
>
>
It will work if you 'help' bird to know the source address to use (source
address) into the BGP protocol.
Here is the extract of my bird BGP configuration file (no setkey.conf
needed):
protocol bgp R4inet4 {
local as myas;
# Bird creates IPSEC SAD entry automatically but it need to
know the source IP address
# Otherwise it will use the wrong 0.0.0.0 IP as source
source address 10.0.2.3;
neighbor 10.0.2.4 as 200;
password "abigpassword";
ipv4 {
import all;
export all;
next hop self;
};
}
Regards,
Olivier
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
