Date: Sun, 18 Aug 2013 11:20:40 +0100
From: Frank Leonhardt <freebsd-doc@fjl.co.uk>
To: Terje Elde <terje@elde.net>
Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject: Re: VPN where local private address collide
Message-ID: <52109FF8.7010301@fjl.co.uk>
In-Reply-To: <1FF39756-0555-4CD8-95B7-862F9644CF78@elde.net>
References: <520E5EC0.5090105@fjl.co.uk> <9FB6809B-DD5D-4A04-8BD9-0271FAC03181@elde.net>
 <520F53A2.80707@fjl.co.uk> <B86F8EA5-67BE-4791-8CAE-6E70BB326500@elde.net>
 <520F8AA8.8030407@fjl.co.uk> <1FF39756-0555-4CD8-95B7-862F9644CF78@elde.net>

On 18/08/2013 00:29, Terje Elde wrote:
>
> > The obvious answer is IPv6, of course. I'm surprised no one has
> > mentioned it yet.
>
> You seemed dead set on not renumbering the networks, and moving to
> IPv6 would not only be just that, but also be harder than just
> renumbering IPv4-nets, so you answered that question for us already.

I was being ironic ;-)

I'm not sure that TLS would cause more problems than any other packets,
but as you point out, the exercise is bound to be full of pooh traps as
yet undiscovered. FTP should be interesting, for a start. But for most
things, why would swapping an IP address in the packet header cause any
kind of problem as long as it was done consistently?

Apparently Cisco routers manage to sort this all out as a matter of
course, which goes some way to explaining why they cost so much. There
are lots of corporate networks on 10.x.x.x, and I'm told this kind of
caper is used to sort them out when they collide. Paying for a Cisco VPN
could easily work out cheaper than reconfiguring a large corporate LAN,
but I don't have the budget for either.

Unfortunately this goes beyond my current knowledge of FreeBSD's
networking layers so I may be busy for some time.

Regards, Frank.
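
The FTP case raised in the message above, as an added example that is not part of the original e-mail: a 1:1 prefix swap applied consistently to the IPv4 header still leaves the address that an FTP `PORT` command carries in its payload untranslated. The prefixes, addresses and function names are constructed for illustration, and the TCP header (whose checksum also covers the addresses) is left out to keep the sketch short.

```python
import ipaddress
import re
import struct

INSIDE = ipaddress.ip_network("192.168.1.0/24")   # constructed: the colliding LAN
OUTSIDE = ipaddress.ip_network("10.99.1.0/24")    # constructed: alias the far side sees

def checksum(hdr: bytes) -> int:
    """RFC 1071 ones'-complement sum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def map_addr(packed: bytes) -> bytes:
    """1:1 prefix swap: keep the host bits, replace the network bits."""
    addr = ipaddress.ip_address(packed)
    if addr not in INSIDE:
        return packed
    host = int(addr) - int(INSIDE.network_address)
    return ipaddress.ip_address(int(OUTSIDE.network_address) + host).packed

def build_packet(src: str, dst: str, payload: bytes) -> bytes:
    """Minimal IPv4 header plus payload (no options, TCP header omitted)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 6, 0,
                      ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def rewrite_header(pkt: bytes) -> bytes:
    """Header-only translation with the IP checksum fixed; payload untouched."""
    hdr = pkt[:10] + b"\x00\x00" + map_addr(pkt[12:16]) + map_addr(pkt[16:20])
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + pkt[20:]

def rewrite_ftp_port(payload: bytes) -> bytes:
    """Payload fix-up: translate the address embedded in an FTP PORT command."""
    def fix(m):
        octets = [int(x) for x in m.group(1).split(b",")]
        if max(octets) > 255:
            return m.group(0)          # not a valid address, leave it alone
        mapped = map_addr(bytes(octets))
        return b"PORT " + b",".join(str(o).encode() for o in mapped) + m.group(2)
    return re.sub(rb"PORT (\d+,\d+,\d+,\d+)(,\d+,\d+)", fix, payload)

def header_valid(pkt: bytes) -> bool:
    return checksum(pkt[:20]) == 0     # a correct header sums to zero

if __name__ == "__main__":
    out = rewrite_header(build_packet("192.168.1.20", "172.16.5.9",
                                      b"PORT 192,168,1,20,200,13\r\n"))
    print(ipaddress.ip_address(out[12:16]), out[20:], rewrite_ftp_port(out[20:]))
```

The fixed-up `PORT` line is two bytes shorter than the original, so a translator that rewrites it in flight also has to adjust the IP total length and the TCP sequence numbers for the rest of the connection.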