Re: [Cerowrt-devel] vpn fw question

[Eric S. Johansson]

On 10/2/2014 10:24 PM, Joel Wirāmu Pauling wrote:
I.e Your topology looks like this :
[(Remote LAN) - VPN Client]---[INTERNET]---(Local LAN)[WAN][LAN][REMOTE-LAN])

Your Local LAN knows nothing about Remote LAN and Vice versa. There is
just a single Inteface/Client member that is a member of REMOTE-LAN.
So to get traffic from Local LAN to Remote LAN all Local-LAN traffic
needs to be masqueraded to that Single interface.

ah, thanks for the clarification.  my function oriented topology looks 
like this:

[ 34-38 target lan - vpn server - fw ] - - - [ I ] - + -( fw - vpn 
client - - - lan - - - workerbees(6) )
+ -( rw worker bee )
+ -( rw worker bee )
+ -( cerowrt worker bee ) ...

I don't think the natted form is going to work terribly well because all 
the WB's need access to all the target machines. Also our routing tables 
are… significant

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt 
Iface
0.0.0.0         73.38.246.1     0.0.0.0         UG        0 0          0 
ge00
10.42.66.0      10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.1.0       10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.2.0       10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.3.0       10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.4.0       10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.5.0       10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.6.0       10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.7.0       10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.8.0       10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.9.0       10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.10.0      10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.11.0      10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.12.0      10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.13.0      10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.14.0      10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.43.15.0      10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.199.188.0    10.199.188.193  255.255.255.0   UG        0 0          0 
tun0
10.199.188.193  0.0.0.0         255.255.255.255 UH        0 0          0 
tun0
73.38.246.0     0.0.0.0         255.255.254.0   U         0 0          0 
ge00
172.30.42.0     0.0.0.0         255.255.255.224 U         0 0          0 
se00
172.30.42.0     0.0.0.0         255.255.255.0   !         0 0          0 *
172.30.42.64    0.0.0.0         255.255.255.224 U         0 0          0 
sw00
172.30.42.96    0.0.0.0         255.255.255.224 U         0 0          0 
sw10
192.168.9.0     10.199.188.193  255.255.255.0   UG        0 0          0 
tun0

and WTH is this?
172.30.42.0     0.0.0.0         255.255.255.0   !         0 0          0 *

--- eric
_______________________________________________
Cerowrt-devel mailing list
Cerowrt-devel@lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/cerowrt-devel