Project

General

Profile

Actions
Copy link

Feature #15461

closed

Support GRE Tunnel Key

Added by David Bojnansky 14 days ago. Updated 12 days ago.

Status:
Needs Patch
Priority:
Normal
Assignee:
-
Category:
Routing
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default

Description

Hello,

is it possible to implement GRE Tunnel Key according to RFC1701 ( https://datatracker.ietf.org/doc/html/rfc1701 ).

For example, in FortiGate it is implemented as key-inbound and key-outbound option ( https://docs.fortinet.com/document/fortigate/7.4.3/cli-reference/79620/config-system-gre-tunnel ).

Thanks

Actions
Copy link
 #1

Updated by Jim Pingle 12 days ago

  • Status changed from New to Needs Patch

Support for GRE keys is not complete in FreeBSD at this time. FreeBSD GRE allows configuring an outbound key but not an inbound key.

From the man page :

The current implementation uses the key only for outgoing packets. In-
coming packets with a different key or without a key will be treated as
if they would belong to this interface.

For this to be effective, someone would first need to finish the implementation in FreeBSD.

Actions
Copy link
 #2

Updated by David Bojnansky 12 days ago

Ok, in fact I need mainly the outbound key. Can you implement it at least partly for now?

Thanks for the response.

Actions
Copy link

Also available in: Atom PDF