Each tunnel will only get traffic sent to the CIPE adapter's MAC on the far
end or to the broadcast MAC (0's).
So if you have the following three way tunnel setup (showing only the CIPE
traffic from 192.168.20.1 to 192.168.20.2 will never be sent over the tunnel
between 192.168.20.1 and 192.168.20.3. However, if 192.168.20.1 broadcast
packets to 192.168.20.0 (subnetted to 255.255.255.0), those packets would
traverse both tunnels.
You're right about the traffic if you are broadcasting in this fashion and
both peers are a WAN away from 192.168.20.1 because the broadcast would be
turned into two VPN tunnel packets.
With your original setup, you don't show the routing rules, which you must
have because 10.0.0.254 is the router for each of these point to point
tunnels. i.e. 10.0.0.1 must "know" that 10.0.0.254 is the way to 10.0.0.3,
and so on.
Hope that helps.
On Wednesday 22 January 2003 06:40 pm, you wrote:
> From: Damion Wilson
> > No, don't do that. CIPE-Win32 does emulate an Ethernet LAN (including ARP
> > synthesis). Just set the subnet mask properly (preferably Class C) for
> > each VPN adapter in the TCP/IP settings and then configure each peer's
> > settings for that adapter. I had three and four way VPN pseudo-LAN's
> > running like that two years ago. It even handles broadcasts.
> Doesn't that make a lot of extra traffic over the WAN compared to normal
> routing? I've got a dozen offices connected through Linux CIPE tunnels
> that look like 4 host subnets with appropriate routes through each. I
> don't think I'd want it to look like an ethernet or carry all the
> Les Mikesell