Date:      Tue, 15 Jan 2002 15:12:19 +0200
From:      Sheldon Hearn <sheldonh@starjuice.net>
To:        freebsd-questions@FreeBSD.org
Subject:   IPv4 tunnelling
Message-ID:  <55173.1011100339@axl.seasidesoftware.co.za>


Hi folks,

We're planning to migrate our entire colocated site (mail and web
servers) to a new provider.

During the propagation period required for DNS updates, we'd like to
leave the old firewall in place and have it tunnel packets to the new
firewall, presumably using gif(4).

However, I want to make sure that clients picking up the new DNS records
will be able to connect directly to the new addresses of our hosts.

When I set up the gif(4) tunnel between the two firewalls, will I be
able to configure things such that:

   Client                         Client
     |                              |
     | Using stale DNS record:      | Using new DNS record:
     | mail.example.com = 4.3.2.10  | mail.example.com = 7.6.5.10
     v                              v
   Router (4.3.2.1)               Router (7.6.5.1)
     |                              |
     v                              v
   Old FW ---------------------> New FW -------> Mail Server
 (4.3.2.2)    gif(4) tunnel     (7.6.5.2)        (10.0.0.10)
         (4.3.2.2 <-> 7.6.5.2)

Basically, I need to know what to do to make sure that replies to
traffic that reaches the mail server via the tunnel don't go out through
7.6.5.1 and that traffic that arrives via 7.6.5.1 doesn't have its
replies sent via the tunnel.

TIA
Sheldon.
