Hi,
It is already possible to specify a vrf for various vpn / tunnel interfaces. But (I think?) that only applies to the traffic inside the tunnel. It would be very helpful if one could specify the vrf which is used for routing the vpn/tunnel packets as well.
Hi @mpsl this is possible for e.g. regular tunnel interfaces where you can bind to an IP address in another VRF. For e.g. WireGuard this is not supported explicitly by Wireuard but you can source the tunnel from another VRF by route leaking to it.
set protocols static interface-route 192.0.2.1/32 next-hop-interface pppoe0 next-hop-vrf 'red'
This will source the WireGuard tunnel to 192.0.2.1 via VRF red
Hi @c-po, regarding regular tunnel interfaces, that’s exactly was I was looking for, thanks!
But for wireguard, that would only work for a remote with a static address, right?