Date: Mon, 2 Sep 2002 21:03:22 -0400 (EDT)
From: Jason Hunt <leth@primus.ca>
To: questions@FreeBSD.ORG
Subject: Re: Bridging Tunnel
Message-ID: <20020902201901.L46843-100000@lethargic.dyndns.org>
In-Reply-To: <20020902204624.GB93844@sixshooter.v6.thrupoint.net>

On Mon, 2 Sep 2002, Jim Brown wrote:

> * Dan Mahoney, System Admin <danm@prime.gushi.org> [2002-09-02 15:14]:
> > Hi, here's the situation. We have two points of presence and we're
> > migrating all our machines from one to the other. We're looking to
> > establish a tunnel between these two locations such that ARP is either
> > transparent or easily configurable. Additionally, we'd like to be able to
> > set routes so that any outbound traffic for these machines just goes
> > straight out to the net, instead of back through the tunnel (I can't find a
> > way to announce our routes to both places at once), and don't think it's
> > possible.
>
> Not exactly sure what you want. Seems that you want to take packets
> in from the remote end via a tunnel, but send packets to the remote end
> via a different route. (Asynchronous routing is generally a Bad Thing(TM)).
>

I think he wants to leave the computers on the same subnet once they are
moved. Take a look at the IETF's Pseudo-Wire Emulation Edge to Edge (PWE3)
workgroup, at:

http://www.ietf.org/html.charters/pwe3-charter.html

Basically, he wants a bridge between the two sites. You could do this
with VLANs or MPLS, but that's not any help if you don't have direct
connectivity (i.e., a fiber link) between the two sites. You could also
bridge the two sites using wireless APs, but that might not be an option.

Encapsulating Layer 2 inside of Layer 3 would create A LOT of traffic to
pass over the Internet, or any other kind of link for that matter.
Because of that, it's probably not really worthwhile to do anything like
this.

However, if you ignore that fact, you could have a program running on a
FreeBSD (or similar) machine that puts the LAN interface into promiscuous
mode, takes all of the received packets, and encapsulates them inside an IP
packet. The program would then send the packet to a specific port on another
machine. The program running on the receiving machine would decapsulate the
IP packets that it receives, and then send these frames out on its LAN
interface.

I don't know if anything like this exists already .. ?

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
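The encapsulate/decapsulate step described in the message above, as an added sketch that is not part of the original e-mail and not an existing tool. It goes beyond the post by adding a keyed tag and sequence number, since the receiver re-emits whatever it accepts onto its LAN; the header layout, UDP as the carrier, the 16-byte tag, and all names here are assumptions of this example.

```python
import hashlib
import hmac
import struct

# Assumed wire format (invented for this example, not a standard):
#   magic(2) | seq(4) | frame_len(2) | Ethernet frame | truncated HMAC-SHA256(16)
MAGIC = 0xB41D
HDR = struct.Struct("!HIH")
TAG_LEN = 16
ETH_HDR_LEN = 14           # dst MAC + src MAC + EtherType
ETH_MAX_FRAME = 1514       # header + 1500-byte payload, FCS not included
IP_UDP_OVERHEAD = 20 + 8   # IPv4 header without options + UDP header

# Constructed sample input: a 42-byte broadcast frame with EtherType 0x0806 (ARP).
SAMPLE_FRAME = bytes.fromhex("ffffffffffff" "020000000001" "0806") + bytes(28)

def _tag(key, body):
    return hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

def encapsulate(frame, seq, key):
    """Wrap one captured Ethernet frame as the payload of one datagram."""
    if not ETH_HDR_LEN <= len(frame) <= ETH_MAX_FRAME:
        raise ValueError("not a plausible Ethernet frame")
    body = HDR.pack(MAGIC, seq, len(frame)) + frame
    return body + _tag(key, body)

def decapsulate(datagram, last_seq, key):
    """Return (frame, seq); raise ValueError rather than emit an unverified frame."""
    if len(datagram) < HDR.size + ETH_HDR_LEN + TAG_LEN:
        raise ValueError("datagram too short")
    body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(key, body)):
        raise ValueError("authentication tag mismatch")
    magic, seq, frame_len = HDR.unpack_from(body)
    frame = body[HDR.size:]
    if magic != MAGIC or frame_len != len(frame) or frame_len > ETH_MAX_FRAME:
        raise ValueError("malformed tunnel header")
    if seq <= last_seq:  # strict ordering: also drops reordered datagrams
        raise ValueError("replayed or out-of-order datagram")
    return frame, seq

def outer_ip_size(datagram):
    """Size of the IPv4 packet that carries this datagram over UDP."""
    return IP_UDP_OVERHEAD + len(datagram)

def needs_fragmentation(datagram, path_mtu=1500):
    """True when the encapsulated frame no longer fits in one packet on the path."""
    return outer_ip_size(datagram) > path_mtu
```

A full-size 1514-byte frame becomes a 1566-byte IP packet here, so on a 1500-byte path every such frame is fragmented into two packets, which is one concrete source of the extra traffic the message warns about.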