Re: bird and ipsec (strongswan) routes

2024-11-21 Thread Ondrej Zajicek
On Tue, Nov 19, 2024 at 09:35:53PM -0800, Brian C. Hill via Bird-users wrote: > Hello, > > I want to use bird to mutually propagate routes throughout several sites > connected with vpn gateways, probably with ospf. > >     e.g. site A net(s) <-> site A vpn gateway <-> vpn 'concentrator' <-> > sit

Re: bird and ipsec (strongswan) routes

2024-11-21 Thread Thomas Liske
Hi, I prefer to use XFRM interfaces on Linux. You get a dedicated interface for each site where you can use any static or dynamic (L3-based -- Did you consider to use eBGP between your sites?) routing setup. You can configure it like a VTI while not being a VTI ;-) When using StrongSwan you nee

Re: bird and ipsec (strongswan) routes

2024-11-20 Thread Grant Taylor via Bird-users
On 11/19/24 11:35 PM, Brian C. Hill via Bird-users wrote: Hello, Hi, Pre-script, this touches on multiple things that I'm interested in and / or actively working on, so I'm going to throw my hat into the ring. But I could be so far off the mark that it's not even remotely funny. I want to

Re: bird and ipsec (strongswan) routes

2024-11-20 Thread C. Jon Larsen
On Tue, 19 Nov 2024, Brian C. Hill via Bird-users wrote: Hello, I want to use bird to mutually propagate routes throughout several sites connected with vpn gateways, probably with ospf. ipsecvti is what you want deb12 with strongswan/swanctl works well I have swan2swan swan2srx swan2watc

Re: bird and ipsec (strongswan) routes

2024-11-20 Thread Alexander Zubkov via Bird-users
Hi Brian, When I did something like that, I didn't even dig so deep as to wed ipsec tunnel policies with routing. IMHO it might work, but could hit you in an unexpected way. The option with vti looks more straightforward to me - those guys live separately and do not harm each other. I.e. ipsec does i

bird and ipsec (strongswan) routes

2024-11-19 Thread Brian C. Hill via Bird-users
Hello, I want to use bird to mutually propagate routes throughout several sites connected with vpn gateways, probably with ospf.     e.g. site A net(s) <-> site A vpn gateway <-> vpn 'concentrator' <-> site B vpn gateway <-> hosts site B net(s), etc.. I couldn't find many posts about the be