[Swan-dev] adding a test domain

Andrew Cagney andrew.cagney at gmail.com
Tue Jul 26 00:02:56 EEST 2022

I'd like to add a domain to the test framework.  The motivation is to
allow end-to-end testing of scenarios where non IPsec domains route
their traffic through IPsec gateways.  For instance:


where NORTH and NIC would be running libreswan, while ROAD, TRAIN,
EAST, and WEST would not.
Currently this is implemented by injecting packets into the back
interface of domains such as NORTH, which isn't quite the same thing.

My suggestion is to make two changes:
- add a second interface to ROAD so that it can route packets through NORTH
- add a new domain TRAIN that is behind NORTH
see https://libreswan.org/wiki/Test_Suite#Proposed_Network_Diagram

For reference:
Here's the original diagram:
And here's how things are today:

More information about the Swan-dev mailing list