Re: IP over IP: satellite hosts
Thank to Francesco, Christian, Jose, Wilfrid ... all you suggested to use
freeswan/ipsec.
But there is a small problem, that you overlooked ...
1. the two separated networks should appear as only one, so
broadcasts MUST pass throught .... (there are a few applications for
which it is essential that the network appears as being thge same
broadcast domain)
2. there are no problem on bandwidth (the connection between the
gateway has plenty of bandwidth since it will be a semi-dedicated
gigabit connection)
3. there are no security problem (if performance is improved, no
problem to discard encryption).
hence, the two gateway should operate as if there were bridges, getting
all the traffic on eth1 port, encapsulating into ip packets, senting to the
other gateway thet reinject into the other subnet and the other way, so
the two gateway and the internet conenction appears as just a bridge.
On 17 Jun 2003 at 21:43, Wilfried Essig wrote:
> You could use debian-paket freeswan to build an ipsec-tunnel. Maybe you
> have to compile your own kernel, to get the freeswan-patch in.
> Put one half of your present subnet on one side and the second half on
> the other side.
>
> --
> Wilfried Essig
>
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>
--
Leonardo Boselli
Nucleo Informatico e Telematico del Dipartimento Ingegneria Civile
Universita` di Firenze , V. S. Marta 3 - I-50139 Firenze
tel +39 0554796431 cell +39 3488605348 fax +39 055495333
http://www.dicea.unifi.it/~leo
Reply to: