[Openswan Users] 2 or more virtual interfaces defined to 1 physical interface

Agent Smith news8080 at yahoo.com
Sat Oct 18 15:48:40 EDT 2008 

Lawrence,

could you name a few? I searched and the only thing I found was bandwidthd and the problem with that is that you can only collect stats for one subnet so lets say you have 10 tunnels all with dirrerent IP subnets and you want MRTG like stats for each of them seperatly, you can't do that.




--- On Wed, 10/15/08, Lawrence Manning <lawrence.manning at smoothwall.net> wrote:

> From: Lawrence Manning <lawrence.manning at smoothwall.net>
> Subject: Re: [Openswan Users] 2 or more virtual interfaces defined to 1 physical interface
> To: "Jennifer Agarwal" <jsagarwal at exqss.com>
> Cc: users at openswan.org
> Date: Wednesday, October 15, 2008, 10:11 AM
> On 15 Oct 2008, at 14:42, Jennifer Agarwal wrote:
> 
> >
> > Hello,
> >
> > In ipsec.conf can you do the following, assign
> multiple virtual  
> > interfaces to a single physical interface?
> >
> > config
> >    interfaces="ipsec0=eth0 ipsec1=eth0
> >
> > My client is interested in assigning a single ipsecX
> interface to  
> > each connection they define so they  can track the
> statistics and do  
> > QoS on a per connection basis.
> >
> > Any thoughts you have on this matter would be greatly
> appreciated.
> 
> My understanding is this is not possible.  At least in
> openswan 2.4.9  
> (probably old) you cannot do this.
> 
> For traffic stats, iptables should probably suffice.  There
> are  
> doubtless free tools that can collect this information. 
> You should be  
> able to create a iptable rule for your tunnels and collect
> the stats  
> that way.
> 
> For QoS it would depend on the implementation, but again IP
> addresses  
> should be able to tell you which tunnel the traffic is on,
> even though  
> all the traffic is on the ipsec0 interface.
> 
> Hope that helps some...
> -- 
> 
> Lawrence Manning
> Lead Developer
> Smoothwall Ltd. -  http://www.smoothwall.net/
> 
> SmoothWall Limited
> 1 John Charles Way
> Leeds LS12 6QA
> United Kingdom
> 
> Phone:
> 1 800 959 3760 (USA, Canada and North America)
> 0870 1 999 500 (United Kingdom)
> +44 870 1 999 500 (all other countries)
> Fax:
> +44 870 1 991 399
> 
> SmoothWall Limited is registered in England, Company
> Number: 4298247
> 
> This email and any attachments transmitted with it are
> confidential to  
> the intended recipient(s) and may not be communicated to
> any other  
> person or published by any means without the permission of
> SmoothWall  
> Limited.  Any opinions stated in this message are solely
> those of the  
> author.  See: http://smoothwall.net/company/email.php for
> the full  
> text of this notice.
> 
> 
> 
> 
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with
> Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

More information about the Users mailing list