Hi list,

sorry, I lost my previous post explaining our initial problem with
dynamic route propagation via BGP, so I can't keep my thread. I had a
look at the iroute code and here's my suggestion for a complete dynamic
routing behaviour without the need for restarting the VPN in case of
routing changes or networks added behind VPN endpoints:

Our problem is that we have to manually add networks to iroute to get
them to work over two hops via route propagation (OSPF, BGP, etc.). I'll
try to outline my solution in logical code. It should at least work for
Unix-like systems:

Listen for kernel routing events via rtnetlink...

switch (routing change happens) {
    route added or changed:
        if (gateway is an IP assigned to an OpenVPN client) {
            add network to iroute table
        } else {
            discard
        }
    route deleted:
        if (deleted_network was in iroute table) {
            remove route from iroute table
        } else {
            discard
        }
}

This would keep iroute behaviour, but enable dynamic routing to work
without restarting VPN links (and manually changing ccd files for
clients). Did I get this right and would it be possible to implement?

Regards,
Sebastian
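
The event handling outlined in the post, as an added Python example that is not part of the original message or of OpenVPN's code. It goes slightly beyond the outline: a route that changes to a non-client gateway drops its stale iroute, and a deletion only removes the entry if it pointed at the current owner. The client IPs, names and `ip monitor route`-style lines are constructed, and the in-memory table stands in for OpenVPN's iroute table (an assumption).

```python
import ipaddress

# Constructed sample data (assumptions): client virtual IPs and event lines.
CLIENTS = {"10.8.0.6": "site-a", "10.8.0.10": "site-b"}
SAMPLE_EVENTS = [
    "192.168.50.0/24 via 10.8.0.6 dev tun0 proto bird metric 32",
    "172.16.0.0/16 via 192.0.2.1 dev eth0 proto bird metric 32",
    "192.168.60.0/24 via 10.8.0.10 dev tun0 proto bird metric 32",
    "192.168.50.0/24 via 10.8.0.10 dev tun0 proto bird metric 32",
    "Deleted 192.168.60.0/24 via 10.8.0.10 dev tun0 proto bird metric 32",
    "Deleted 10.99.0.0/16 via 192.0.2.1 dev eth0 proto bird metric 32",
]


def parse_event(line):
    """Return (deleted, network, gateway), or None if no prefix can be parsed."""
    tokens = line.split()
    deleted = bool(tokens) and tokens[0] == "Deleted"
    tokens = tokens[1:] if deleted else tokens
    try:
        network = ipaddress.ip_network(tokens[0])
    except (IndexError, ValueError):
        return None  # empty line, "default", "local", "broadcast", ...
    gateway = tokens[tokens.index("via") + 1] if "via" in tokens[:-1] else None
    return deleted, network, gateway


def apply_event(iroutes, line, clients=CLIENTS):
    """Apply one event to iroutes (network -> client name); return the action."""
    event = parse_event(line)
    if event is None:
        return "discard"
    deleted, network, gateway = event
    client = clients.get(gateway)
    if not deleted and client is not None:
        iroutes[network] = client  # new network, or moved to another client
        return "add"
    # Deletion, or a change to a non-client gateway: drop the iroute, but on
    # deletion only if the deleted route pointed at the current owner.
    if network in iroutes and (not deleted or iroutes[network] == client):
        del iroutes[network]
        return "remove"
    return "discard"


def replay(lines, clients=CLIENTS):
    """Replay events against an empty table; return (actions, final table)."""
    iroutes = {}
    return [apply_event(iroutes, l, clients) for l in lines], iroutes
```

Because the gateway check is the only gate on what enters the table, the set of client IPs it is checked against decides which dynamically learned networks the VPN will route to a client.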