[Spread-users] Tunnels

Theo Schlossnagle jesus at omniti.com
Wed Jan 9 11:07:38 EST 2002

On Wednesday, January 9, 2002, at 10:46  AM, Jonathan Stanton wrote:
> Probably the best solution for private ip addresses with security today 
> is
> to use IP in IP tunneling (maybe with IPSEC) between your routers on 
> each
> private segment. That will appear to spread as if the segments are 
> directly
> connected (the traffic will have the right source addresses) and IPSEC 
> or
> equivelent provides the security. I thought the overhead of this was
> reasonable, but maybe this is the solution you are referring to below as
> being a lot of overhead.

Just as a note:

I have done this and it works like a charm. (IPSEC based VPN and the 
route between machines crosses this virtual link).

Of course, I have the two segments as different segments in the Spread 
configuration file and they are on different subnets and IP route 
between.  So the only (spread related) traffic that traverses the VPN is 
point-to-point UDP.

Theo Schlossnagle
1024D/82844984/95FD 30F1 489E 4613 F22E  491A 7E88 364C 8284 4984
2047R/33131B65/71 F7 95 64 49 76 5D BA  3D 90 B9 9F BE 27 24 E7

More information about the Spread-users mailing list