Re: [SLE] Is a VPN the right thing to use here?
From: Darryl Gregorash (raven_at_accesscomm.ca)
Date: 11/15/05
- Previous message: Bruce Marshall: "Re: [SLE] SPAM: Howto DVD DL to 2 DVD SL?"
- In reply to: John: "[SLE] Is a VPN the right thing to use here?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 15 Nov 2005 16:49:37 -0600 To: suse-linux-e@suse.com
On 11/15/2005 01:23 PM, John wrote:
> Apologies for putting this on many lists; I'm not sure which is most
> relevant but it's not purely a Swan nor SuSE problem, more an IP
> problem I suspect.
>
> Due to current circumstances, I have two separate networks, L and R, on
> the same side of an ADSL modem and need to setup a route between them.
> They both share the ADSL modem, 10.0.E.2, as their common, default
> gateway.
>
> Note that E, L & R are used to identify the subnets for this discussion
> only and are normally replaced with valid, distinct, octet numbers.
> Under normal circumstances, these two networks would be in differing
> geographical locations, linked via the Internet.
First things first. This is the configuration you will have in "normal"
circumstances:
L net ---- router --- (some modem) ---> Internet
<---- (some modem) ----- router ---- R net
I replaced the DSL descriptors with generic a "some modem" because the
specific hardware is irrelevant. You could design this with two tin cans
and a piece of string, if you had the network drivers for it :) (Of
course, you might have a bit of trouble getting a string with enough
tensile strength to give you decent bandwidth :D )
For this a VPN is the best solution, IMO, and some might go so far as to
say it is the only realistic solution.
Your "current" configuration should try to mimic this as far as
possible, to avoid having to undergo major reconfiguration when things
go back to normal. Even if you could get the two subnets to talk to one
another, I do not see that this is possible with the diagram you propose:
L net --- router ---+
|
hub --- (modem) ---> Internet
|
R net --- router ---+
Instead, I suggest that you fully configure both the L and R nets,
including the two routers, as if they were working under "normal"
circumstances; that is, build your VPN without reference to what is
between the two networks.
Then mimic the *two* connections to the internet with a third,
temporary, router, as follows:
L net --- router ---+
|
temporary router --- (modem) ---> Internet
|
R net --- router ---+
For this, any old unused computer you may have lying around will
suffice, so long as your favourite brand of SuSE/Novell Linux will
install on it. The way I have drawn the diagram suggests using 3 network
cards in the temporary router, but you could could connect all three
routers to a hub if you prefer (personally, I prefer using an
intelligent switch rather than a hub, to avoid having to match speeds on
the network cards). The temporary router has two functions. First, all
traffic not strictly within the VPN is routed to the modem and internet
(this will be the default routing). Secondly, traffic strictly within
the VPN is routed directly between the L/R routers.
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
- Previous message: Bruce Marshall: "Re: [SLE] SPAM: Howto DVD DL to 2 DVD SL?"
- In reply to: John: "[SLE] Is a VPN the right thing to use here?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
