More IPSEC routes for OSPF
Apollon Oikonomopoulos
apollon at skroutz.gr
Mon Nov 11 16:45:08 CET 2013
Hi Iain,
On 13:27 Mon 11 Nov , Iain wrote:
> Hi Eliezer,
>
> “ip addr” gives just the local addresses (it doesn’t include anything OpenSWAN related) - e.g.
>
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
> valid_lft forever preferred_lft forever
> inet6 ::1/128 scope host
> valid_lft forever preferred_lft forever
> 2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN
> link/ether 46:36:d3:05:b9:9a brd ff:ff:ff:ff:ff:ff
> 3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
> …
>
> “ip route” gives just the default route, plus one per interface (again, nothing OpenSWAN related):
I don't know about OpenSWAN, but StrongSWAN places the VPN routes in a
different routing table (220 by default). You can guess this is
happening by having a look at the relevant rules (`ip rule list'). If
this is the case with OpenSWAN as well, you can just create an
additional kernel protocol in BIRD and learn the routes from that
special routing table.
Apollon
More information about the Bird-users
mailing list