[Swan] Status of VTI support?
Paul Wouters
paul at nohats.ca
Fri May 24 14:24:10 UTC 2019
On Fri, 24 May 2019, Roberto Suárez Soto wrote:
> I've been reading about VTI interfaces in Libreswan, but the page "Route-based VPN using VTI" seems a bit old (2017). Is
> there any news since it was last updated?
>
> Also, what would be my options if I wanted to use VTI interfaces in Ubuntu 16.04? I can backport a "modern" version of
> libreswan from a newer release (i.e., 3.23 from 18.04 or 3.27 from 19.04, for example), but what should be the minimum? Would
> I have to backport iproute too, which is said to be too old in 16.04?
VTI support is being replaced with XFRMi support. XFRMi is the successor
of VTI in the kernel.
Yes you can upgrade the libreswan package. The specific VTI support
mostly depends on the kernel though, but it has been there for a very
long time so any 3.x or 4x kernel probably will due (although I haven't
followed VTI commits for bugfixes in upstream kernels closely)
Paul
More information about the Swan
mailing list