One IP used on more than one interface (gif0 and lo0)
Charlie ROOT
root at fro.boniholding.com
Wed Mar 10 05:50:59 PST 2004
I was asking because of this:
"To make firewalling and managing traffic f lowing thru the ip tunnel
a little easier I used virtual interfaces; I added aliases to the
loopback interface(lo0) on both gateways to use as inside endpoints
for the tunnel. That way I have a chance to control the traffic at the
gateway before passing it on out the internal interface to it's local
network. Useful for NAT situations, trouble-shooting and easier to setup
firewall rules because it is easier to picture/diagram the network flow."
"IPsec VPN using FreeBSD"
Greg Panula, 2001
GSEC Practical version 1.2e
/ www.sans.org/rr/papers/21/795.pdf /
"
...
First setup the aliases
On bert I added 5.5.5.1 as the alias
ifconfig lo0 alias 5.5.5.1 netmask 255.255.255.252
...
Next actually setup the tunnel
On bert I did this:
gifconfig gif0 2.2.2.2 3.3.3.3
ifconfig gif0 inet 5.5.5.1 5.5.5.2 netmask 255.255.255.252 "
Can somebody picture/diagram me the network flow..
The incoming packets - what exactly happens with them?
From which interface they came from - gif0? And if they
did - what is the alias on lo0 for?
Best regards,
Fro
More information about the freebsd-net
mailing list