Re: VPN + multilink connection

To: jhiver@ykoz.net
Cc: jhiver@ykoz.net, debian-firewall@lists.debian.org
Subject: Re: VPN + multilink connection
From: Mike Mestnik <cheako911@yahoo.com>
Date: Thu, 27 Jan 2005 22:03:04 -0800 (PST)
Message-id: <20050128060305.27081.qmail@web31004.mail.mud.yahoo.com>
In-reply-to: <41F93A0A.1060902@wanadoo.fr>

--- Jean-Michel Hiver <hiver.j@wanadoo.fr> wrote:

> 
> >You realy didn't give a whole layout, I was assuming you where using
> >crossover cables.
> >
> I see - sorry :-)
> 
> Well it would be something like this:
> 
> Box1 (dedicated server)
>    - eth0 -> monster bandwith, not a problem
> 
> Box2 (home)
>    - eth0 (192.168.1.2)  -> DSL nat router thing 192.168.1.1
>    - eth1 (192.168.1.12) -> DSL nat router thing 192.168.1.11
> 
I have to ask, what's wrong with a T1 line?  I think it would be cheaper
and there would be a single 1.5468Mbps line.

> Now the big question is: how do I do in order to route VPN traffic 
> through the right gateway? At the moment everything goes to one DSL 
> connection...
> 
> Say I have tap0 going through UDP/8000 and tap1 going through UDP/8001, 
> and my default gateway is $GATEWAY1. What's the simplest way for me to 
> route UDP/8001 traffic through $GATEWAY2?
> 
> I currently use firehol because it's nice and simple. Is it something I 
> can do with firehol?
> 
> If you could let me know how to do to this it would be great - I'm stuck
> 
> on this one :(
> 
> >In any event you will end up using bond or eql(for slow
> >serial links, like if you where using internal DSL cards).  This workes
> >for outoging, without VPN, however for incomming trafic(on the other
> end)
> >you will most likely need to setup VPN if you need that to be balanced
> as
> >well.
> >  
> >
> Well yeah, especially since all the data is going to be transferred 
> trhough one connection and one socket (Asterisk IAX2 VoIP protocol), in 
> this case I'm not sure load balancing works very well without VPN.
> 
> So it seems that multiple tap VPNs bonded together might do the trick 
> nicely. We'll see...
> 
> >Also don't forget to use a shaper, I recomend the wonder shaper to
> start
> >with.
> >  
> >
> Sure. I think once this is set up I might as well set the server with 
> monster bandwith as default gateway - this way I can do traffic shaping 
> at both ends of the VPN link.
> 
> There's some fairly good VoIP related traffic shapers on voip-info.org -
> 
> I'll use them!
> 
> Cheers,
> Jean-Michel.
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Reply to:

Follow-Ups:
- Re: VPN + multilink connection
  - From: Jean-Michel Hiver <hiver.j@wanadoo.fr>

References:
- Re: VPN + multilink connection
  - From: Jean-Michel Hiver <hiver.j@wanadoo.fr>

Prev by Date: Nao aguento mas :-((((((
Next by Date: Re: VPN + multilink connection
Previous by thread: Re: VPN + multilink connection
Next by thread: Re: VPN + multilink connection
Index(es):
- Date
- Thread