Annotation of embedaddon/strongswan/testing/tests/route-based/net2net-xfrmi/description.txt, revision 1.1.1.1
1.1 misho 1: A connection between the subnets behind the gateways <b>moon</b> and <b>sun</b>
2: is set up using XFRM interfaces.
3: <p/>
4: The gateways use <b>route-based forwarding</b> with <b>XFRM interfaces</b>, with
5: firewall rules to allow traffic to pass. The IPsec traffic selector used is
6: 0.0.0.0/0, however, specific routing is achieved with routes on the XFRM
7: interfaces. The IKE daemon does not install routes for CHILD_SAs with outbound
8: interface ID, so static routes are installed for the target subnets.
9: <p/>
10: Both gateways use separate interfaces for in- and outbound traffic (which is
11: completely optional and mainly for testing purposes, a single interface will
12: usually be enough). Gateway <b>moon</b> creates them before initiating the
13: connection, while gateway <b>sun</b> dynamically creates the interfaces via
14: updown script using the passed unique generated interface IDs.
15: <p/>
16: Client <b>alice</b> behind gateway <b>moon</b> pings client <b>bob</b> located
17: behind gateway <b>sun</b>.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to description.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / route-based / net2net-xfrmi