[strongSwan] planned support for RFC6407 GDOI - GETVPN
Stefan Bauer
stefan.bauer at cubewerk.de
Tue Jan 14 19:32:13 CET 2014
Hi Users,
i just got my hands on a marketing brochure from a a big network player and am curious if anything like this can be build with open source - preferable strongswan or is already in another way implemented already.
the main features I'm interested in are:
● Instantaneous large-scale any-to-any IP connectivity using a group IPsec security paradigm - seems to be RFC6407 GDOI
● Takes advantage of underlying IP VPN routing infrastructure and does not require an overlay routing control plane
● Preserves the IP source and destination addresses during the IPsec encryption and encapsulation process. Therefore GET VPN integrates very well with features such as QoS and traffic engineering.
I'm talking about ciscos GETVPN solution. Is there anything out there to be able to mesh around 800 sites together over vpn tunnel without having to configure a vpn tunnel from each site to each other?
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6525/ps9370/ps7180/GETVPN_DIG_version_1_0_External.pdf
Regards
Stefan
More information about the Users
mailing list