masquerading (NAT) through a cipe connection|
Truxton Fulton <trux,AT,truxton,DOT,com>|
Tue, 9 Jan 2001 18:10:50 +0100|
It appears that packets routed through a cipe connection cannot be
masqueraded, like they can through a ppp connection. In other words,
a computer with a cipe connection to the internet cannot perform
masquerading for other hosts on the local subnet over the cipe link.
The cipe documentation several times compares a cipe link to a ppp
link and says that routing should be similar. But with Linux 2.4
what appears to happen is that the cipe encapsulating packets
_themselves_ are modified by the source NAT rather than the payload
packets. So, of course this doesnt work.
What works for me is to establish a GRE tunnel on top of the cipe
link, and do all my routing through the GRE tunnel.
Just thought you might like to know...