[GRLUG] OpenSWAN, LINUX, & VRF [Was: VPN Help]
Adam Tauno Williams
awilliam at whitemice.org
Sun Aug 4 20:03:29 EDT 2013
On Sun, 2013-08-04 at 18:54 -0400, Greg Folkert wrote:
> I replaced a CISCO something or other with an 850MHz PIII "Network
> Blazer" 1U machine in mid-2007. I had 15 B-to-B VPNs going to it from
> many disparate systems. All of them worked with OpenSWAN even back then,
> mainly because of the wonderful documentation they still have. It has
> one thing bad about it, it was information dense and tough for the
> uninitiated to understand. But read through it 5 or 6 times and it
> should just click.

I haven't looked in a while; but is there a LINUX / iptables equivalent
to VRF [Virtual Router Framework]? Which allows the LINUX kernel to
host multiple independent routing tables assigned to grouped/labeled
interfaces?

A quick scan of the interwebz finds <http://linux-vrf.sourceforge.net/>
which smells experimental [but at least reasonably current].

Perhaps the kernel has something similar under a different name?

VRF makes configuration of tunnels and security zones dramatically
simpler.