[Swan] RES: feature request - route based (vti) vpn - ip address on tunnel interfaces

Paul Wouters paul at nohats.ca
Wed Sep 14 16:13:37 UTC 2016

On Tue, 6 Sep 2016, Bruno Lopes de Souza Benchimol wrote:

>  Im also glad to hear that you also think its a cool feature to add. Im not exactly a developer but i think that should be fairly easy to devel. I wish i could help more on the code part, but i can help on testing it.

I'm still trying to understand the deployment here. Am I correct in that
you setup an IPsec to tunnel between the two IP
addresses on the VTI interface? And that the routing daemons will
then just add routes? Eg if the routing daemons want to send traffic
for to the other end, it will just route it to the
remote VTI IP via dev vti0 ?

>  Do you think we can get it on a roadmap to implement on a next version?

I think so. I'd like to add it for libreswan-3.19


More information about the Swan mailing list