Re: IP over IP: satellite hosts

[Jose Alberto Guzman <jose@iteso.mx>]

Leonardo Boselli wrote:
> I will have shortly this problem:
>  Currentrly I have 5 labs with about 8 machines each, and 5 servers.
> Except 3 dual hosted servers, that act as proxies, the hosts have only a 
> local private address . The labs are all connected to a central switch (I 
> have a couple of 108 m cables ... but all seem to works nicely ...).
> In a few months 2 of the laboratories will be moved to a diffferent, quite 
> far, building. 
> I will not be able to lay a cable, but i will have to resot to using "regular" 
> (althought fast) internet, trought some routers.
> I can connect to those routers only machines with public addresses.
> I need for some reason to keep the subnet "unitary" so using the same 
> subnet as today.
> I thought of using some sort of tunneling on VPN, with one machine on 
> each end connected on a NIC to "public" internet, and with another to 
> private network. I need, since all servers are on one ond, to allow also 
> broadcasts . (so the two gateways at the end of connection would 
> appear to the machines as one switch).
> How to do it?
>
> --
> Leonardo Boselli
> Nucleo Informatico e Telematico del Dipartimento Ingegneria Civile
> Universita` di Firenze , V. S. Marta 3 - I-50139 Firenze
> tel +39 0554796431 cell +39 3488605348 fax +39 055495333
> http://www.dicea.unifi.it/~leo

 If you can set up a linux router in each end with real IPs, check out 
the 'Ipsec practical configurations for Linux Freeswan 1.3.', the subnet 
to subnet setup may be of help. Although you may have to play with proxy 
arp once you have them linked.

http://jixen.tripod.com/

Also the documentation in www.freeswan.org is good. The freeswan version 
in woody is 1.96 with several patches, but the docs for 1.97 apply.

I have a copy of the jixen site, if it's unavailable mail me.


Jose