[strongSwan] Multiple tunnels between same peer
Meera Sudhakar
mira.sudhakar at gmail.com
Thu Jun 23 08:16:58 CEST 2011
Hello Martin/All,
I had a look at the things you mentioned below, I also had a look at some of
the test cases in http://www.strongswan.org/uml/testresults/ikev2/. I see
that there are some scenarios where one node (say Sun) is the destination
for more than one tunnel (as in, both Alice and Venus establish tunnels with
Sun). In this case, I see that marking the packets helps Sun differentiate
between both the tunnels.
But is it possible to have multiple tunnels between the same endpoints (say
between Alice and Sun)? I looked around but couldn't find any particular
scenario in the link I've mentioned above. Also, even if it is possible to
have more than one tunnel between the same end points, will marking of
packets help in differentiation, since the destination address of both
tunnels will be the same?
I hope I've understood all this correctly. I would appreciate it if you
could help me clear my doubts.
Thanks in advance,
Meera
On Wed, May 25, 2011 at 2:45 PM, Martin Willi <martin at strongswan.org> wrote:
>
>
> > But I would like to know what these values mean (10, 11, 20, 21) and
> > how they help in sending traffic through a particular tunnel only. I
> > need to try and set up multiple tunnels, and then send traffic through
> > each one of them, and then all of them together, in order to compare
> > performances.
>
> You can use the same mark values in iptables to tag traffic for use with
> a specific tunnel, have a look at [1].
>
> Use the MARK target to set a mark on a packet. Depending on the mark you
> set, the tunnel with the mark configured in ipsec.conf will be used.
>
> Regards
> Martin
>
> [1]
> http://www.strongswan.org/uml/testresults/ikev2/rw-mark-in-out/console.log
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110623/38ff1ba5/attachment.html>
More information about the Users
mailing list