Thank to Francesco, Christian, Jose, Wilfrid ... all you suggested to use freeswan/ipsec. But there is a small problem, that you overlooked ... 1. the two separated networks should appear as only one, so broadcasts MUST pass throught .... (there are a few applications for which it is essential that the network appears as being thge same broadcast domain) 2. there are no problem on bandwidth (the connection between the gateway has plenty of bandwidth since it will be a semi-dedicated gigabit connection) 3. there are no security problem (if performance is improved, no problem to discard encryption). hence, the two gateway should operate as if there were bridges, getting all the traffic on eth1 port, encapsulating into ip packets, senting to the other gateway thet reinject into the other subnet and the other way, so the two gateway and the internet conenction appears as just a bridge. On 17 Jun 2003 at 21:43, Wilfried Essig wrote: > You could use debian-paket freeswan to build an ipsec-tunnel. Maybe you > have to compile your own kernel, to get the freeswan-patch in. > Put one half of your present subnet on one side and the second half on > the other side. > > -- > Wilfried Essig > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
-- Leonardo Boselli Nucleo Informatico e Telematico del Dipartimento Ingegneria Civile Universita` di Firenze , V. S. Marta 3 - I-50139 Firenze tel +39 0554796431 cell +39 3488605348 fax +39 055495333 http://www.dicea.unifi.it/~leo
