From owner-freebsd-net@FreeBSD.ORG  Wed Aug 27 13:56:20 2003
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D845716A4BF
	for <freebsd-net@freebsd.org>; Wed, 27 Aug 2003 13:56:20 -0700 (PDT)
Received: from mizar.origin-it.net (mizar.origin-it.net [194.8.96.234])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5C6A543FE5
	for <freebsd-net@freebsd.org>; Wed, 27 Aug 2003 13:56:17 -0700 (PDT)
	(envelope-from Helge.Oldach@atosorigin.com)
Received: from matar.hbg.de.int.atosorigin.com (dehsfw3e.origin-it.net
	[194.8.96.68])h7RKu6IO087322
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Wed, 27 Aug 2003 22:56:06 +0200 (CEST)
	(envelope-from Helge.Oldach@atosorigin.com)
Received: from dehhx004.hbg.de.int.atosorigin.com
	(dehhx004.hbg.de.int.atosorigin.com [161.90.164.40])
	ESMTP id h7RKu5K7043144;	Wed, 27 Aug 2003 22:56:05 +0200 (CEST)
	(envelope-from Helge.Oldach@atosorigin.com)
Received: by dehhx004.hbg.de.int.atosorigin.com with Internet Mail Service
	(5.5.2653.19)	id <QBQSWPSS>; Wed, 27 Aug 2003 22:56:05 +0200
Message-ID: <D2CFC58E0F8CB443B54BE72201E8916E94C9E4@dehhx005.hbg.de.int.atosorigin.com>
From: "Oldach, Helge" <Helge.Oldach@atosorigin.com>
To: "'Lars Eggert'" <larse@ISI.EDU>
Date: Wed, 27 Aug 2003 22:56:05 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain;
	charset="iso-8859-1"
cc: freebsd-net@freebsd.org
cc: hilman firmansyah <hilman@nap.net.id>
Subject: RE: Gif IPTunnel networkA-to-networkB not work
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Aug 2003 20:56:21 -0000

> From: Lars Eggert [mailto:larse@ISI.EDU]
> Sent: Mittwoch, 27. August 2003 17:45
> To: Oldach, Helge
> Cc: hilman firmansyah; freebsd-net@freebsd.org
> Subject: Re: Gif IPTunnel networkA-to-networkB not work
> Oldach, Helge wrote:
> > You must have the networks connected (on the public side), but when 
> > using IPSec your gif tunnel won't really be used. It is just sort of 
> > a "placeholder" to get the routing correct.
> 
> It is not a good idea to use gifs in parallel with IPsec tunnel mode.,
> to do this routing trick.

Fully agreed. The point is that a lot of documents on the web advise
to set up a gif tunnel in order to set up a IPSec tunnel. Which
is essentially nonsense. Apparently the original poster fell into the
same trap. Hence my clarification.

Helge