[Openswan Users] assistance with atypical configuration

Neal Murphy neal.p.murphy at alum.wpi.edu
Tue Nov 9 15:02:20 EST 2010


On Tuesday 09 November 2010 12:30:08 Frank Temple wrote:
> I am investigating how to configure the network detailed below. I am aware
> that some manual scripting may be required. All of the hosts are using
> openswan.
>
> A--------B-------D
> A--------C-------D
>
> There are four hosts. The tunnels are detailed with the lines above. The
> objective is to permit A to communicate with D through B or C. A needs to
> route to D in the morning via B and in the afternoon via C. This is the
> part where I assume some manual scripting may be required. I can do that
> part, I just need to learn what needs to be done. The private IP for D
> should be the same for A independent of the tunnel (B,C) selected.

Every *routed* LAN must have a unique address.

Using two routes equally involves 'policy routing'. Take a gander at 
lartc.org; in Linux at least, you can configure both A and D to balance the 
traffic between each other using both B and C.

If you really have to have overlapping (or concurrent) subnets at A and D, you 
will have to find a way to bridge the two LANs across the IPSEC tunnels. My 
simple mind says, "Lift layer 2 into a point-to-point tunnel between A and D."