Hi, On Sun, Jun 19, 2016 at 09:45:38PM +0200, Samuel Thibault wrote: > Here we used two openvpn servers for resiliency, and we use the bird > bgp daemon to make the two boxes exchange routes. Bird however does not > pick up openvpn's routes because they are considered as "protocol boot" > in Linux' "ip route" terms, i.e. they are assumed to be an automatic > configuration, and not an administratively-configured route (see the > protocol RTPROTO part of man ip-route for the details). > > So we need the attached change, which just adds "protocol static", to > express that the routes created by openvpn are to override other > dynamic routing. > > What do you think?
I'm wondering how you do the resiliency. Traditionally, one would set up
the routes on client-connect/client-disconnect (or via --learn-address),
so it's under your control anyway - if you set up the routes from within
openvpn, both servers would announce all the routes all the time...
Besides, I'm a bit reluctant to change something like this, which might
break someone *else*'s setup, which relies on the route being what they
are today ("boot") - can't you teach bird to do "redistribute boot"?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
signature.asc
Description: PGP signature
