From: Peter Richard (list_tom_at_yahoo.com)
Date: Mon Nov 04 2002 - 17:15:54 CET
Hi
This is in relation to ipsec tunnels created by freeswan implementation of ipsec.
Consider this enviroment:
In this suppose 2 linux box are connected with 3(or more Leased Line/ADSL connection)
>
> ADSL Line-1
> /--------------------------------\
> | +---------+/ \+---------+ |
> +----+Linux Box|---==============================---|Linux Box|----+
> | +---------+\ ADSL Line-2 /+---------+ |
> \
> \ /
> \-----------+POTS+-----------/
ADSL Line-3
My requirment is that i want to establish 3 or more tunnels between 2 comunicating peers
and want effective n full utilization of all the three lines.After carefully studying KLIPS
architecture i find:-
1.The SA formed in eroute tabele uses a SAID <Dest Address,Protocol,spi>which means
that 2 or more simulaneous SA cant be formed between 2 peers.So we need to modify the
eroute radix tree structure for it.
2. If we can support muliple entries for 2 or more SA betwwen communicatin SA's then
may be we can solve problem?
3. Also we need to effectively divide the traffic on the tunnels.
4. I have read multiple path routing over GRE tunnels document which uses transport mode
for establishment.
Some of my queries:-
1. Has anyone done n has a implementation of suggestion (4) n he can provide me with help?
2. Is there nyone who has implemneted it with usin tunnel mode?
3. Can nyone give me ny direction in this field also guide me through?
I wud be highly grateful if ny one cud provide views on my findins n help me in future in this field.
Thnx
regards
Peter
---------------------------------
Do you Yahoo!?
HotJobs - Search new jobs daily now
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Tue Nov 05 2002 - 05:20:44 CET