[strongSwan] [EDIT] Traffic selection problems
Brian Topping
brian.topping at gmail.com
Fri Mar 1 00:51:02 CET 2019
Hi Felipe, thank you for your consideration of this. It took me a bit to create a diagram:
10.10.0.0/22 10.10.4.0/22
^ ^
v v
+---------------+ +---------------+
| Initiator | | Responder |
|---------------| |---------------|
|10.9.255.253/30|<- - - -VTI - - - ->|10.9.255.254/30|
+---------------+ +---------------+
^ ^
v v
ini.tia.tor.ip <---- Internet ----> res.pon.der.ip
From the bottom, the internet connection between the initiator and responder, a PtP VTI between the the two nodes and in turn, the two /22 networks that I want to connect through the VTI as native routing between networks (hence the VTI interfaces on each node). The initiator public IP is dynamic.
The reason for not doing straight tunneling between the two /22 networks is OSPF discovery of interfaces, typical routing daemons can only see interfaces to add discovery over (ie “vti*”). As the network grows, the routing daemons will self-discover for optimal backbone routing.
Apologies that I didn’t get deeper into that previously! Does it help?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190228/fc2fc4f6/attachment.html>
More information about the Users
mailing list