RE: bridge + cipe
"Frater, Greg" <gjfrater,AT,bechtel,DOT,com>
Thu, 12 Jul 2001 17:22:11 +0200
Two questions about your scenario:
Do I need to set up a route between the two networks? I can't seem to get my
mind around how this would look. Would I just add a route for 188.8.131.52/20
for eth1 and another one of 172.19.0.0/20 for eth0?
Also how does the traffic get from the bridge (eth0, and cipdb0) and eth1?
If it is with routing will it pass the broadcast traffic? Man, I am just
not grasping this.
Thanks for the help. Can anyone who has done it explain this?
I guess this is what I get for saying "Hey I think we can do that with
Linux!" This is an all NT shop, Linux is pretty much like a bad word around
here. Still plugging away...
I don't know a whole lot about bridging, but I do know this:
Assuming that eth0 is internal private network, eth1 is external
public/Internet network, and cipcbX is your CIPE/WAN link:
Bridging eth0 and eth1 and cipcb0 will create security holes. Now
you're bridging all traffic to all interfaces. It'd be like replacing
your linux box with a 3 port switch. If my understanding is correct,
you're sending all packets to all interfaces like a switch would (ok,
almost since switches and bridges pass packets based on MAC addresses).
Security aside, here's another idea for you to try:
eth0: lan (172.19.0.1/20)
eth1: wireless (184.108.40.206/20)
eth0: lan (172.19.0.2/20)
eth1: wireless (220.127.116.11/20)
Now cipe-link via the 18.104.22.168/20 and 22.214.171.124/20 interfaces. Then
bridge eth0+cipcb0 and eth0+cipcb0 at site1 and site2.
I think the problem you may be running into is that you have 2 network
cards with interfaces on the same network. I used the second network on
your subnet'd class B for the wireless side so your linux box
won't get confused. Maybe this will work? Just a suggestion; I've never
done it before. Let me know what you find!
On Wed, 11 Jul 2001, Frater, Greg wrote:
> Hello All,
> Searching the archives revealed several postings regarding this subject.
> However, all I could get from them was that I can use bridging and CIPE
> not how to do it.
> I am working with a wireless bridge that links two offices that are on a
> flat network, i.e. everyone is on the same subnet. We need to encrypt the
> data that crosses the wireless bridge and I need to do it with bridging to
> support broadcast traffic. I have two machines running rh 7.1 with kernel
> 2.4.5 running CIPE 1.5.2 with bridging enabled in the kernel. Bridging and
> CIPE load without errors and I can bridge the traffic just fine. How do I
> send the traffic from eth0 through the cipdb0 device and then out eth1?
> Do I have to use routing? And if so, how do I do this and maintain the
> functionality (broadcast traffic)?
> I made all three interfaces (eth0, eth1, and cipdb0) part of the bridge; is
> that right?
> Is there more documentation on the net, other than the info page that
> comes with the cipe package, that I have not seen?
> ps. We are using a 172.19.0.0 network with a netmask of 255.255.240.0.
> Again both buildings are on the same subnet.
> In need of some hand holding,
> Greg Frater
> WTP IT Dept.
> 509 371-3537
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive:
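The bridging concern raised in the reply above can be checked mechanically. The following is an added example, not code from the thread or from the CIPE project: it parses `brctl show` output and flags a bridge that forwards LAN frames onto the wireless interface without passing through the tunnel. It assumes eth1 is the wireless side and that CIPE devices are named cipcbN as in the reply; the sample outputs are constructed.

```python
# Added example: audits constructed `brctl show` output; not from the thread.
CARRIER = "eth1"         # assumption: wireless side, should carry only CIPE UDP
TUNNEL_PREFIX = "cipcb"  # CIPE device naming as used in the reply above

# Constructed samples (bridge ids are made up).
ALL_BRIDGED = (
    "bridge name\tbridge id\t\tSTP enabled\tinterfaces\n"
    "br0\t\t8000.00a0c9000001\tno\t\teth0\n"
    "\t\t\t\t\t\t\teth1\n"
    "\t\t\t\t\t\t\tcipcb0\n"
)
LAN_PLUS_TUNNEL = (
    "bridge name\tbridge id\t\tSTP enabled\tinterfaces\n"
    "br0\t\t8000.00a0c9000001\tno\t\teth0\n"
    "\t\t\t\t\t\t\tcipcb0\n"
)


def parse_brctl_show(text):
    """Return {bridge: [ports]} from `brctl show` output."""
    bridges, current = {}, None
    for line in text.splitlines()[1:]:        # skip the header row
        fields = line.split()
        if not fields:
            continue
        if line[0].isspace():                 # continuation line: one more port
            if current is not None:
                bridges[current].append(fields[0])
        else:                                 # name, id, STP flag, [first port]
            current = fields[0]
            bridges[current] = fields[3:4]
    return bridges


def audit(bridges):
    """Flag bridges that put frames on the carrier in cleartext."""
    findings = []
    for name, ports in bridges.items():
        others = [p for p in ports if p != CARRIER]
        if CARRIER in ports and others:
            findings.append(f"{name}: {CARRIER} bridged with "
                            f"{', '.join(others)}; frames bypass CIPE")
        elif not any(p.startswith(TUNNEL_PREFIX) for p in ports):
            findings.append(f"{name}: no {TUNNEL_PREFIX}N port; nothing is encrypted")
    return findings


if __name__ == "__main__":
    for sample in (ALL_BRIDGED, LAN_PLUS_TUNNEL):
        print(audit(parse_brctl_show(sample)) or "ok")
```
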