Wednesday, April 29, 2020

Addressing on Tunnel Interfaces

When using tunnel interfaces for IPSEC to enable dynamic routing, what's the right way to address them?

I took a /24 from the larger subnet used at this company and broke it up into /30s for addresses on each tunnel. That's all working fine and routing is working properly.

This has led to each of those /30s showing up in the routing table across all routers. I'm not sure whether that's a problem and a sign that I'm doing something wrong or if it's normal and I'm just not used to seeing it.

Devices are sonicwall. I'm using tunnel interfaces and ospf so that I can control link costs and because many sites have multiple ISPs, Ethernet point to point links, etc.



No comments:

Post a Comment