Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 11 Oct 2005 13:20:29 -0700
From:      Danny Howard <dannyman@toldme.com>
To:        Joshua Weaver <josh@metropark.com>
Cc:        freebsd-net@freebsd.org, 'free bsd' <freebsd-questions@freebsd.org>
Subject:   Re: GRE tunnels anyone?
Message-ID:  <20051011202029.GI564@ratchet.nebcorp.com>
In-Reply-To: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAb2DLH6DGVUCfC18ehDQuQcKAAAAQAAAANqdpYXJRCUyI1lev88QfmwEAAAAA@metropark.com>
References:  <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAb2DLH6DGVUCfC18ehDQuQcKAAAAQAAAANqdpYXJRCUyI1lev88QfmwEAAAAA@metropark.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 11, 2005 at 01:06:58PM -0500, Joshua Weaver wrote:
> The company I work for uses a lot of multicast tunnels, usually with a
> QOS/GRE implementation with quite pricy hardware.  I googled around a bit,
> it looks like basic vpn is supported for FreeBSD. I guess my questions are
> 
> 1.)    Does FreeBSD play well with vpn-capable routers  (like a 3Com 5012)
> 
> 2.)    Would getting acceptable latency tunneling multicast mean hardware
> that's just as expensive as a router costing thousands?

Joshua,

We run a tunnel using gif interfaces, managed by racoon.  The
performance is less than super, but I think that's a constraint of our
network resources.

My answer would be: "Why not grab a spare box and try it out?"  If the
day's diversion may lead you to saving thousands, then please spend a
little more effort and write a brief article on a blog or a journal
somewhere to help the next person who comes along asking your question.
:)

The handbook has a great chapter on how-to-setup-a-tunnel-from-scratch,
though it sounds like you don't need a lot of hand-holding.

I would LIKE to think that if we spent a bit of cash on proper VPN
hardware, that tunnel maintenance would be easier and performance might
be better.  Well, that's an aside.

Good Luck,
-danny

-- 
http://dannyman.toldme.com/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051011202029.GI564>