On Tue, Nov 19, 2024 at 09:35:53PM -0800, Brian C. Hill via Bird-users wrote: > Hello, > > I want to use bird to mutually propagate routes throughout several sites > connected with vpn gateways, probably with ospf. > > e.g. site A net(s) <-> site A vpn gateway <-> vpn 'concentrator' <-> > site B vpn gateway <-> hosts site B net(s), etc..
Hello Can you (or others) give me an idea how it should work in some brief outline how it ideally should work? I.e. what would you expect from BIRD w.r.t. IPsec? I know there are SA/SP tables (accessed by ip xfrm state/policy), xfrm routing table 220, all of these managed by Strongswan. What records from these tables are supposed to be read or even managed by BIRD? > My questions: > > 1) Is it sill the case that bird cannot read directly from the xfrm table? > (I tried this with a pipe config but nothing gets imported) I do not know why it should not. It seems like regular routing table. But it is possible that it contains routes with some strange attributes causing BIRD to ignore them (i noticed 'throw' action). Can you give me an output of 'ip route show table 220'? -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: [email protected]) "To err is human -- to blame it on a computer is even more so."
