Re: [ossig] Re: [myoss] Linux kernel IP stack, 7-layer OSI cake and SNAT shenanigans
On Thu, Nov 04, 2004 at 11:13:23AM +0100, SianLun Lau wrote:
> the two networks *would* talk to each other as soon as you establish
> the tunnel from gw1 to gw2. the routing table would be updated
> automatically (at least with FreeS/WAN or openswan or
> strongswan). So once tunnel is established, you can see that all
> traffic from one subnet is routed through the IPSEC interface.
> so in a way, you don't need NAT in order to make the two networks
> realise each other's existence.
That's cute, I didn't realize that. But the problem is that in this
case the other party we're connecting to is expecting us to come from
the same network as they're using - and I don't intend to re-address
my network. So the NAT requirement still stands.

No takers on whether I can do the NAT on the same physical machine as
the IPsec?
--
% You are in a maze of twisty passages, all alike.
Christopher DeMarco <cdemarco@fastmail.fm>
PGP public key ID 0x2E76CF5C @ pgp.mit.edu
+6012 232 2106