More IPSEC routes for OSPF

Ondrej Zajicek santiago at
Mon Nov 18 13:03:56 CET 2013

On Thu, Nov 14, 2013 at 11:04:21AM +0000, Iain Buchanan wrote:
> I've got my script going, but I can't get the resulting routes into Bird.
>  I add the routes to a new kernel table which I point a "protocol kernel"
> block at (see below).  The routes I'm adding don't go via a particular
> interface as OpenSWAN doesn't create any interfaces - I'm just putting them
> in as "target network" via "local ip address" (this might be one problem -
> I've tried both the internal IP and the GRE tunnel endpoint).

If you need to create some routes just for the purpose of exporting them
to BIRD, you could create them as unreachable routes:

ip route add unreachable

So you don't have to specify a next hop or an iface. When such route is
exported to OSPF, only the prefix matters.

Elen sila lumenn' omentielvo

Ondrej 'SanTiago' Zajicek (email: santiago at
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3,
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <>

More information about the Bird-users mailing list