Hi Francois, I don't think VTun can be completely silent if it's idle. In fact, I think that no TCP or UDP tunnel app can. (Folks: correct me if I'm wrong?)
Stepping away even farther, when we consider what happens when there's traffic on the server end, and no data to bring up the on-demand link from the client end, then most on-demand services are no good in a permanent setup. I used diald, back in the day, but it became far more of a liability when someone left ICQ running -- thinking you're offline and knowing it are two different ideas when the link's expensive! Having said that, look into pipsec by Pierre Beyssac at http://perso.telecom-paristech.fr/~beyssac/pipsec/ . It chatters lightly when it's idle, but maybe we can disable that. It seems to completely hate openssl, these days, but it's easy enough to configure if you can get over that obstacle. Along the same vein, look into a tie into the ipsec code in whatever freeswan became, and see if you can cut a connection routine into the opportunistic encryption bit. I think that if you cause it to bring up a link in addition to encrypting data for peers whose key it's cached, then you could provide yourself a very nice and light on demand mechanism; most of the work's done for you. Just tell me what happens when there's arbitrary data coming back and there's no sat link. - bish Francois Goudal wrote: > Hi, > > I'd like to setup a tunnel between a dialup computer and a server. > Since the cost of the dialup connection is extremely expensive (it goes > over satellite), it uses dial on demand, so that if there is no traffic, > the channel gets closed, so I'm not paying. > > I already tried some other tunnel stuff, like OpenVPN, but the problem > is that for the negociation between client and server, some data is > going through permanently (keepalive, and key exchange, ...), even if > there's no actual data to be transferred through the tunnel. > > I'm looking for a tunnel solution that would have no negociation between > the two hosts. Each host would be configured with the other end IP > address, and that would only make traffic when there is traffic to be > tunnelled. Is it something I could do with Vtun ? > > Best regards, > > > -- People don't know that vi was written for a world that doesn't exist anymore -- Bill Joy, creator of vi http://www.theregister.co.uk/2003/09/11/bill_joys_greatest_gift/ ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Vtun-Users mailing list Vtun-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/vtun-users
