Can you use OSPF or other routing protocols over Linux FreeS/WAN IPsec VPNs using Linux iptables firewalls?

I am a user of Linux iptables firewalls and wanted to know if it was possible to configure routing protocols over VPN networks. Currently the VPN networks we are building are getting larger and larger, so we will need to implement a routing protocol at some point. I have read the Cisco article below, but any suggestions or experiences you have had with this would be greatly appreciated if you could share them.

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800a43f6.shtml
harryyeh Asked:
grblades Commented:
Hi harryyeh,
As the article you found describes, it is possible to use routing protocols over VPN links. You need to encapsulate the routing protocol into an IP packet so that it will go across the VPN. In the article this is performed by a router which sits between the VPN device and the internal network.
0
harryyeh Author Commented:
What would you use to encapsulate it? I am not going to be using Cisco routers, probably just the firewalls with zebra routing software on them.
0
grblades Commented:
In that case encapsulation would be very difficult. I suggest you use the RIP routing protocol which uses UDP port 520 and therefore being IP based will go across the VPN. It is a basic routing protocol and not as full featured as OSPF but it is commonly supported.
I suspect for your needs the only downside will be if there are two routes to a destination and one fails it may take a couple of minutes before traffic is sent across the redundant link.
0
harryyeh Author Commented:
I prefer to use OSPF. What is the method you were recommending to encapsulate OSPF? Are you saying to use Cisco routers to encapsulate the OSPF packets? I mean, if I HAVE to use Cisco routers I will, but I was just seeing if it was possible to use a Linux router program like zebra.
0
grblades Commented:
I am not aware of any Linux software which performs GRE encapsulation and a quick search on sourceforge found nothing. If you wanted to do it I think you would have to write something yourself.
I think if you need to use OSPF you will need to get some Cisco routers.
0
harryyeh Author Commented:
Thanks grblades, let me know if you ever come across anything
0
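The GRE encapsulation discussed in the answers above, as an added example that is not part of the original thread or of any product mentioned in it: an OSPF hello is multicast IP protocol 89, so it does not match a net-to-net IPsec policy, while the same packet wrapped in GRE between two unicast endpoints does. The addresses, the subnet-selector check and the hello payload are constructed assumptions for illustration.

```python
import ipaddress
import struct

OSPF_PROTO, GRE_PROTO = 89, 47          # IANA IP protocol numbers
ALL_SPF_ROUTERS = "224.0.0.5"           # multicast group OSPF hellos are sent to


def checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement sum used by the IPv4 header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Build a minimal 20-byte IPv4 header in front of payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload


def gre_wrap(inner: bytes, tunnel_src: str, tunnel_dst: str) -> bytes:
    """RFC 2784 GRE: 2 bytes flags/version (0) + EtherType 0x0800 for IPv4."""
    return ipv4(tunnel_src, tunnel_dst, GRE_PROTO, struct.pack("!HH", 0, 0x0800) + inner)


def gre_unwrap(outer: bytes) -> bytes:
    """Strip the outer IPv4 and GRE headers, returning the inner packet."""
    ihl = (outer[0] & 0x0F) * 4
    flags, ethertype = struct.unpack("!HH", outer[ihl:ihl + 4])
    if outer[9] != GRE_PROTO or flags != 0 or ethertype != 0x0800:
        raise ValueError("not a plain GRE/IPv4 packet")
    return outer[ihl + 4:]


def matches_policy(pkt: bytes, local_net: str, remote_net: str) -> bool:
    """True if src/dst fall inside the tunnel's subnet selectors (assumed policy model)."""
    src, dst = ipaddress.IPv4Address(pkt[12:16]), ipaddress.IPv4Address(pkt[16:20])
    return src in ipaddress.ip_network(local_net) and dst in ipaddress.ip_network(remote_net)


# Constructed sample: OSPF hello stub (payload is a placeholder, not a valid hello)
HELLO = ipv4("10.1.0.1", ALL_SPF_ROUTERS, OSPF_PROTO, b"\x02\x01" + bytes(42), ttl=1)
WRAPPED = gre_wrap(HELLO, "10.1.0.1", "10.2.0.1")
```

With a policy of 10.1.0.0/24 to 10.2.0.0/24, `matches_policy` is false for `HELLO` and true for `WRAPPED`; the far end recovers the original hello with `gre_unwrap`.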