Hello list,
I have a suggestion for further development which I don't know if it is
technically achievable. Anyway, here's our problem:
We run a network which consists of multiple routers behind each other. Routers
login via OpenVPN to other routers, get fixed IP addresses based on their
certificate and get individual settings pushed (ccd). Imagine the following
simple situation:
Network1---->Router A----->Router B---->Router C---->Network2
In the ccd file for Router B on Router C an iroute entry exists for network 1
(which is propagated to Router C via BGP) to properly route packets from
network 2 -> network1 ("iroute network1").
Now we add a network 3 behind Router A
network1 \
          ---> Router A ----> Router B ----> Router C ---> Network2
network3 /
Routes get propagated via BGP to Router C (network3 appears in the routing table of
Router C). But, packets from network 2 don't make it to network 3. We have to
add "iroute network 3" on ccd config for Router B on Router C and reconnect
Router B to Router C to get packets routed to network 3.
From what I understood, OpenVPN needs the information for network 3 on
Router C to know which VPN tunnel to use to get packets back.
Our intention is that as soon as network 3 is propagated to Router C, packet
flow works without the need to edit files and reconnect tunnels. Btw., routers
get fixed IP addresses through ccd.
Hopefully my explanation is clear enough.
Thx for looking at this...
Regards,
Sebastian
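
The gap described in this message, as an added example that is not part of the original post and not OpenVPN code: a check that compares the kernel routes on Router C pointing at Router B's fixed VPN address with the `iroute` lines in Router B's ccd file and lists the entries that are missing. All addresses, the `proto bird` tag, the `ip route show` sample and the function names are constructed assumptions.

```python
import ipaddress

# Constructed sample: ccd file for Router B as stored on Router C.
CCD_ROUTER_B = """\
ifconfig-push 10.8.0.2 255.255.255.0
iroute 192.168.1.0 255.255.255.0
"""

# Constructed sample: `ip route show` on Router C after BGP has installed
# network 3 (192.168.3.0/24) via Router B's fixed VPN address.
KERNEL_ROUTES = """\
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.1
192.168.1.0/24 via 10.8.0.2 dev tun0 proto bird
192.168.3.0/24 via 10.8.0.2 dev tun0 proto bird
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1
"""

def parse_ccd(text):
    """Return (fixed VPN address, set of iroute networks) from a ccd file."""
    vpn_ip, iroutes = None, set()
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if not parts:
            continue
        if parts[0] == "ifconfig-push" and len(parts) >= 2:
            vpn_ip = parts[1]
        elif parts[0] == "iroute" and len(parts) >= 2:
            mask = parts[2] if len(parts) > 2 else "255.255.255.255"
            iroutes.add(ipaddress.ip_network(f"{parts[1]}/{mask}"))
    return vpn_ip, iroutes

def routes_via(text, next_hop):
    """Networks whose kernel route uses next_hop as gateway."""
    nets = set()
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[1] == "via" and parts[2] == next_hop:
            nets.add(ipaddress.ip_network("0.0.0.0/0" if parts[0] == "default" else parts[0]))
    return nets

def missing_iroutes(ccd_text, route_text):
    """iroute lines needed so OpenVPN forwards every kernel route via this client."""
    vpn_ip, iroutes = parse_ccd(ccd_text)
    return [f"iroute {net.network_address} {net.netmask}"
            for net in sorted(routes_via(route_text, vpn_ip))
            if not any(net.subnet_of(r) for r in iroutes)]

if __name__ == "__main__":
    print("\n".join(missing_iroutes(CCD_ROUTER_B, KERNEL_ROUTES)))
```
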