[Swan] vxlan support
Sowmini Varadhan
sowmini.varadhan at oracle.com
Tue Jan 23 16:07:43 UTC 2018
> On Tue, 23 Jan 2018, antonio wrote:
>
> >did anyone configured vxlan with libreswan?
> >
> > my idea is to create a tunel ipsec ??and then send all the vxlan
> > traffic trought the tunnel. i guess that would be
> >something like l2tp/ipsec, but i must create ip xfrm rules to re-direct
> > the traffic, no?
vxlan tunnels an L2 frame over udp. (rfc 7348)
are you planning on applying ipsec to the vxlan'ed frame?
If yes, you'd have to set up your swan tunnel config for something like
leftprotoport=udp/4789
and
rightprotoport=udp/4789
(you'd need 2 tunnels per peering pair)
More information about the Swan
mailing list