<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: suggestions, connecting 2 inconvenient hosts
From: ewheeler,AT,kaico,DOT,com
Date: Tue, 2 Jul 2002 23:10:38 +0200
In-reply-to: <vxkn0tam6iw.fsf@cinnamon.vanillaknot.com>

Make site 1 your router.  If site 1 runs on 192.168.0.0/24, 2 is
192.168.1.0/24 and 3 is 192.168.2.0/24, add routes at 1, 2, and 3 to
eachother over the cipe network.

ie:
site 2:
  route add -net 192.168.2.0 netmask 255.255.255.0 gw [1's cipe address]

site 3:
  route add -net 192.168.1.0 netmask 255.255.255.0 gw [1's cipe address]

I think that should be sufficient since 1 already knows everyone's route
and 2/3 know 1 is 192.168.0.0/24 via the cipe addresses.  Just make sure
you "echo 1 > /proc/sys/net/ipv4/ip_forward" on each system which needs to
route (at least site 1).  

As long as you keep 2&3's cipe links alive, they won't know they are
firewalled (err...masq'd).

--Eric

On Tue, 2 Jul 2002, Karl Kleinpaste wrote:

> I have 3 machines in use:
> 1 - fixed IP addr, no firewall or gateway.
> 2 - dialup, random IP addr.
> 3 - fixed IP addr behind ipmasq gateway.
> 
> At this time, I connect both 1<->2 and 1<->3 such that 1 has "peer
> 0.0.0.0:port".  2 and 3 make the "active" side of establishing the
> connection, and the world is wonderful, and has been for months.  Fine
> so far.
> 
> Now I need to connect 2 and 3.  The problem is that, as a dialup, the
> line drops every 10 or 12 hours whether I like it or not -- the ISP
> just doesn't allow the line to remain permanently in use, though (as
> it happens) they don't mind the fact that I immediately reconnect and
> so am effectively connected 24x7.
> 
> The problem, of course, is that 2 cannot find 3 on its own at all, and
> the address of 2 changes with each new connection such that 3 will
> have to find it afresh whenever it disappears and comes back.  I use
> dyndns.org for 2, which at least means I can do a DNS query to find
> it.
> 
> What I fear I am stuck with is
> - 2 uses "peer 0.0.0.0:port" so that it is passive with regard to
> connection establishment, and
> - 3 must periodically have its ciped-cb for that link killed and
> restarted in order that a new IP addr be found, because ciped-cb does
> not have any provision for deciding that the remote "real" IP addr has
> changed underneath itself.
> 
> Might anyone have any other possible configuration suggestions?
> Managing kill/restart this way is a grotesque hack at very best.
> 
> --karl
> 
> --
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive: 
><URL:http://sites.inka.de/~bigred/devel/cipe.html>
> 

-- 

Eric Wheeler
Network Administrator
KAICO
20417 SW 70th Ave.
Tualatin, OR 97062
www.kaico.com
Voice: 503.692.5268





<< | Thread Index | >> ]    [ << | Date Index | >> ]