> On 14 Mar 2019, at 19:36, Otto Moerbeek <o...@drijf.net> wrote:
>
> Hi,
>
> So i have a little IPv6 problem.
>
> I have a machine in colocation that has IPv6. I have my home cable
> modem connection that does not have it.
>
> So I thought: I make my own tunnel. First I tried gif(4), that worked,
> but only after some fighting with mtu settings on all hosts on my home
> net via rad. Performance was kinda bad. So I'm looking for an
> alternative. I thougt: IPSEC should be able to do this.
>
> I have a flow from my locally created IPv6 net to any and vice versa.
> THe flow itself works.
>
> There I ran into the trouble that you cannot specify a default
> gateway, since my remote gw (the host in colo) it is not reachable
> according to route(8).
>
> How does one solve the default route problem? I never really
> understood how routing works in the presense of IPSEC flows.
Can you elaborate on what gif and slow meant? Also, you should be able to use
gif with whatever MTU you want, even 1500 on the gif interface and fragments
over the internet. You could also try gre, but I doubt it would be different to
gif in terms of performance and support for MTU/fragmentation.
If you want ipsec and routes, you would still use tunnel and get IPsec to
protect it. Or you could trick someone into making something like Cisco's vti a
thing in OpenBSD.
dlg
