Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 11 Feb 1998 14:43:54 -0600 (CST)
From:      Hal Snyder <hal@vailsys.com>
To:        jra@colltech.com
Cc:        freebsd-hackers@FreeBSD.ORG
Subject:   Re: IP tunnels ? once again probably
Message-ID:  <199802112043.OAA11016@crocodile.vale.com>
In-Reply-To: <199802111737.LAA09605@psasolar.psa.pencom.com> (jra@colltech.com)
References:   <199802111737.LAA09605@psasolar.psa.pencom.com>

next in thread | previous in thread | raw e-mail | index | archive | help
> From: jra@colltech.com
> Date: Wed, 11 Feb 1998 11:37:15 -0600 (CST)
> Content-Type: text/plain; charset=US-ASCII
> Sender: owner-freebsd-hackers@FreeBSD.ORG
> X-Loop: FreeBSD.ORG
> 
> > I thought SKIP could also do tunneling plus it has the added feature
> > of crypto... [Amancio]
> 
> Has anyone modified the SKIP sources so that the LKM compiles under
> -current?  I looked at it a while back, but it fell between the 
> cracks.

I know this doesn't exactly answer the question, but wanted to mention
that we are using Jim Flowers' patch to run SKIP with FreeBSD
2.2.5-RELEASE. We tunnel three RFC-1918 nets over the Internet with
excellent results and plan to add more.

Note that with original SKIP, the source IP addresses of tunneled
packets for such an arrangement will be in RFC-1918 range. This feels
wrong. We program our firewall chokes to drop RFC-1918 coming or
going. John Capo provided a nifty patch to replace the source IP in
tunneled packets with the external IP address of the source
gateway. I've summarized this (crudely) at

  http://www.enteract.com/~hal/skip.html





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe hackers" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199802112043.OAA11016>