Date: Mon, 2 Sep 2002 16:46:24 -0400
From: Jim Brown
To: questions@freebsd.org
Subject: Re: Bridging Tunnel
Message-ID: <20020902204624.GB93844@sixshooter.v6.thrupoint.net>
References: <20020902145130.V33157-100000@prime.gushi.org>
In-Reply-To: <20020902145130.V33157-100000@prime.gushi.org>

* Dan Mahoney, System Admin [2002-09-02 15:14]:
> Hi, here's the situation.  We have two points of presence and we're
> migrating all our machines from one to the other.  We're looking to
> establish a tunnel between these two locations such that ARP is either
> transparent or easily configurable.  Additionally, we'd like to be able to
> set routes so that any outbound traffic for these machines just goes
> straight out to the net, instead of back through the tunnel (I can't find a
> way to announce our routes to both places at once), and don't think it's
> possible.
>
> Anyone have any idea how to go about that?
>
> -Dan Mahoney
>
> --

Not exactly sure what you want.
Seems that you want to take packets in from the remote end via a tunnel,
but send packets to the remote end via a different route.  (Asynchronous
routing is generally a Bad Thing(TM)).

Some suggestions:

gif(4) devices can tunnel IP[46] into IP[46].  May be useful for your
tunnel.

stunnel, www.stunnel.org (haven't used it)

Search the ports collection for tunnel, or VPN.  Might get something
useful for you.

With the gif interface, you can set it up to be a gateway to a different
subnet.  ARP may still be a problem.  You might be able to set up a static
arp table on both ends.  See arp(8).

HTH,
jpb