On Tue, Dec 09, 2008 at 11:17:22AM +1100, Rod Whitworth wrote: > On Mon, 8 Dec 2008 17:29:16 -0500, Jason Dixon wrote: > > >On Tue, Dec 09, 2008 at 09:16:29AM +1100, Rod Whitworth wrote: > >> On Mon, 8 Dec 2008 16:40:56 -0500, Jason Dixon wrote: > >> > >> >I don't know how to answer your question because the network art above > >> >is unreadable. gre(4) will allow you to route networks across a tunnel. > >> >Think of it as IPSec without the Sec. It will allow networks that are > >> >usually non-routable (rfc1918) to route to each other. It will also > >> >allow you to extend segments of your public networks elsewhere. > >> > > >> > >> Let's go super simple. > >> Existing setup: > >> ISP#1------A------ISP#2 > >> A has a /30 on each side > >> A has a /29 routed to it from ISP#1 > >> > >> Desired setup: > >> ISP#1--A--ISP#2---------MyISP---B > >> ALL traffic to A via ISP#1 is to go to B > >> ALL replies to return via A > >> B will handle A's /29 > >> A should just be a "lump in the pipe" > >> Translation of addresses en route is fine as long as connections from > >> the cloud intended for A get to B and responses get back looking like > >> the real thing. > >> > >> Possible? > > > >If I understand your description, yes. > > So I setup a gre tunnel a la the manpage example. > But how does the traffic coming from ISP#1 get to be treated properly > at B? > And replied to without the sender seeing that it's from a foreign > destination? > And will the /29 arrive at B ready to route to local hosts?
I don't mean this in a RTFM-ish way, but you really just need to sit down with a test setup and try it out for yourself so you can see what is capable. Then come back and have questions as needed. -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
