Skip to content

Commit

Permalink
Fix example 'Creation of two VTI Devices'
Browse files Browse the repository at this point in the history 
Kernel refuses to add tunnel 'ipsec0', because it has the same local and
remote as 'vti0'.
This also matches what is written in 'Connection-specific VTI Devices':

 "The kernel rejects the creation of a VTI device if the remote and local
  addresses are already in use by another VTI device."

Closes #25
  • Loading branch information
@martin-brandl @tobiasbrunner
martin-brandl authored and tobiasbrunner committed Nov 29, 2024
1 parent 13b9049 commit bd69d40
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion docs/modules/ROOT/pages/features/routeBasedVpn.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -294,7 +294,7 @@ All of this also works for IPv6.
==== Example: Creation of two VTI Devices (vti0 and ipsec0)
----
ip tunnel add vti0 local 192.168.0.1 remote 192.168.0.2 mode vti key 42
ip tunnel add ipsec0 local 192.168.0.1 remote 192.168.0.2 mode vti key 0x01000201
ip tunnel add ipsec0 local 192.168.0.1 remote 192.168.0.3 mode vti key 0x01000201
sysctl -w net.ipv4.conf.vti0.disable_policy=1
ip link set vti0 up
ip route add 10.1.0.0/16 dev vti0
Expand Down

0 comments on commit bd69d40

Please sign in to comment.