Re: Big VPN

To: debian-security@lists.debian.org
Subject: Re: Big VPN
From: Dariush Pietrzak <eyck@forumakad.pl>
Date: Wed, 3 Mar 2004 08:52:50 +0100
Message-id: <[🔎] 20040303075250.GA24992@forumakad.pl>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20040302235842.GB17445@bofh.ece.ubc.ca>
References: <[🔎] 1078260094.1147.25.camel@tower.int-srv.pl> <[🔎] 4044F60A.5060906@hetisw.nl> <[🔎] 20040302215728.GB12231@nenya.lan> <[🔎] 40451648.3060700@hetisw.nl> <[🔎] 20040302235842.GB17445@bofh.ece.ubc.ca>

> think an acceptable user-land alternative might be openvpn.  I would
 I don't think openvpn would easily handle such large number of connections,
it would be also a configuration nightmare.
tinc was designed to handle such scenario, but I wouldn't use anything
user-land for ~100 lans, no metter how maintainable the configuration is.
 I guess best bet is kernel 2.6.x and racoon-based key management. 

Oh, and btw, if you're going to use FreeS/WAN, better look at 
http://www.openswan.org, they've got the good code. ( and backwards
compatbile, if you've got frees/wan based network and want to upgrade to
2.4.25 you're out of luck with free s/wan - they migrated to 2.x with never
kernel, and it means you need to upgrade your userland tools, and probably
tune configuration a bit. Openswan works nicely with upgrades ).

-- 
Dariush Pietrzak,
Key fingerprint = 40D0 9FFB 9939 7320 8294  05E0 BCC7 02C4 75CC 50D9

Reply to:

References:
- Big VPN
  - From: Jaroslaw Tabor <jarek@srv.pl>
- Re: Big VPN
  - From: "I.R. van Dongen" <vdongen@hetisw.nl>
- Re: Big VPN
  - From: Richard Atterer <richard@list04.atterer.net>
- Re: Big VPN
  - From: "I.R. van Dongen" <vdongen@hetisw.nl>
- Re: Big VPN
  - From: Luca Filipozzi <lfilipoz@debian.org>

Prev by Date: Re: Big VPN
Next by Date: Re: Big VPN
Previous by thread: Re: Big VPN
Next by thread: Re: Big VPN
Index(es):
- Date
- Thread