[strongSwan] Export XFRM StrongSwan / IPSec routes to Quagga (OSPF)
TomK
tomkcpr at mdevsys.com
Mon Oct 26 00:58:18 CET 2020
That's certainly an option I've reviewed. Whatever the option, would
like to keep customization to nothing, if possible.
Cheers,
TK
On 10/25/2020 3:03 PM, Volodymyr Litovka wrote:
>
> Hi,
>
> if it's option, you can consider Bird, which can import from specified
> table - https://bird.network.cz/?get_doc&v=20&f=bird-6.html#ss6.6 :
>
> |kernel table /number/|
>
> Select which kernel table should this particular instance of the
> Kernel protocol work with. Available only on systems supporting
> multiple routing tables.
>
>
> On 25.10.2020 20:05, TomK wrote:
>> Hey All,
>>
>> I'm interested in finding out how to import routes from StrongSwan
>> IPSec installed XFRM tables (220) into Quagga (OSPF, 254)?
>>
>> The XFRM policy based rules are saved in table 220 while Quagga
>> (OSPF) saves the routes in table 254. I have an IPSec StrongSwan
>> on-prem GW paired up with one of the Cloud providers. The connection
>> is established fine however I can't ping the remote VLAN's from any
>> other device on the on-prem network except from the on-prem GW itself.
>>
>> I would like to make OSPF aware of table 220 so it can import the
>> rules. Or at least find another way to export the rules in table 220
>> and into table 254. Either import from or export to would work but I
>> haven't been able to find articles on the web addressing this issue.
>>
>> Is this possible?
>>
> --
> Volodymyr Litovka
> "Vision without Execution is Hallucination." -- Thomas Edison
--
Thx,
TK.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20201025/b7856431/attachment.html>
More information about the Users
mailing list