xfrm using systemd-networkd?

Hi,

I've been looking into the documentation of systemd-networkd for a while
now and I'm still confused by the XFRM capabilities of it. The
documentation isn't that helpful for me right now.

Can someone please help me further understand this? Is it possible to
persist e.g. something like this using network and netdev units?

```
ip -6 addr add dev lo $SiteAPrivate_IP
ip -6 xfrm state add src $SiteAPublic dst $SiteBPublic proto esp spi $ID reqid $ID mode tunnel aead 'rfc4106(gcm(aes))' $KEY1 128
ip -6 xfrm state add src $SiteBPublic dst $SiteAPublic proto esp spi $ID reqid $ID mode tunnel aead 'rfc4106(gcm(aes))' $KEY2 128
ip -6 xfrm policy add src $SiteAPrivate dst $SiteBPrivate dir out tmpl src $SiteAPublic dst $SiteBPublic proto esp reqid $ID mode tunnel
ip -6 xfrm policy add src $SiteBPrivate dst $SiteAPrivate dir in tmpl src $SiteBPublic dst $SiteAPublic proto esp reqid $ID mode tunnel
ip -6 xfrm policy add src $SiteBPrivate dst $SiteAPrivate dir fwd tmpl src $SiteBPublic dst $SiteAPublic proto esp reqid $ID mode tunnel
ip -6 route add $SiteBPrivate dev eth0 src $SiteAPrivate_IP
```

Until now I haven't seen anything for specifying the state and policy command related settings.
Therefore I only have:
```
# /etc/systemd/network/27-xfrm.netdev
[NetDev]
Name=xfrm0
Kind=xfrm

[Xfrm]
Independent=true
InterfaceId=7

# /etc/systemd/network/27-eth0.network
[Match]
Name=eth0

[Network]
Xfrm=xfrm0
```

Sincerely,
Klaus Frank



