<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Hi Felipe, thank you for your consideration of this. It took me a bit to create a diagram:<br class=""><br class=""><div class=""><br class=""></div><div class=""><font face="Monaco" class=""> 10.10.0.0/22 10.10.4.0/22</font></div><div class=""><font face="Monaco" class=""> ^ ^</font></div><div class=""><font face="Monaco" class=""> v v</font></div><div class=""><font face="Monaco" class=""> +---------------+ +---------------+</font></div><div class=""><font face="Monaco" class=""> | Initiator | | Responder |</font></div><div class=""><font face="Monaco" class=""> |---------------| |---------------|</font></div><div class=""><font face="Monaco" class=""> |10.9.255.253/30|<- - - -VTI - - - ->|10.9.255.254/30|</font></div><div class=""><font face="Monaco" class=""> +---------------+ +---------------+</font></div><div class=""><font face="Monaco" class=""> ^ ^</font></div><div class=""><font face="Monaco" class=""> v v</font></div><div class=""><font face="Monaco" class=""> ini.tia.tor.ip <---- Internet ----> res.pon.der.ip</font></div><div class=""><br class=""></div>From the bottom, the internet connection between the initiator and responder, a PtP VTI between the the two nodes and in turn, the two /22 networks that I want to connect through the VTI as native routing between networks (hence the VTI interfaces on each node). The initiator public IP is dynamic. <div class=""><br class=""></div><div class="">The reason for not doing straight tunneling between the two /22 networks is OSPF discovery of interfaces, typical routing daemons can only see interfaces to add discovery over (ie “vti*”). As the network grows, the routing daemons will self-discover for optimal backbone routing.</div><div class=""><br class=""></div><div class="">Apologies that I didn’t get deeper into that previously! Does it help?</div></body></html>