[CentOS] making a route sticky
Les Mikesell
lesmikesell at gmail.com
Fri Aug 5 16:39:14 UTC 2005
On Fri, 2005-08-05 at 11:13, Aleksandar Milivojevic wrote:
> Anyhow, the more I work with native Linux IPSec, the more it seems to me
> decision not to assign virtual interface (like ipsec* or tun*, like some other
> VPN implementations do) to tunnels was a mistake (maybe current way looks
> cleaner to kernel developer, but the old way was way simpler to manage for
> system administrator).
Can you fix this the way it is commonly done in routers? That is,
configure a GRE tunnel as the end points to get a real-looking
interface that you can route over, do multicast, etc., and then
push the GRE packets through ipsec. I've wondered if this would
work between a Linux box and a Cisco router but never had time to
test it. (I have done GRE tunnels and multicast, just not the
ipsec part).
--
Les Mikesell
lesmikesell at gmail.com
More information about the CentOS
mailing list