Re: IPv6 (was: Oh yeah, I'm famous)

[Jeff Licquia <jeff@luci.org>]

On Fri, Aug 11, 2000 at 11:41:51PM -0500, Charles Menzes wrote:
> so, are both LANs using the same block of rfc1918 addresses? i had to do
> exactly what you are doing with two sites using 192.168.200/24, and
> neither wanting to renumber. it was difficult to do because each side also
> did not have a sufficient pool of live addresses to do static mappings per
> host.

No.  In this case, neither side really knows that the other side has
those addresses.  The local side simply telnets to a port on the
internal firewall, which gets forwarded to a port on the external
firewall with masq, which gets forwarded across the VPN to the remote
side, which thinks the connection is coming from the external
firewall.  The local clients don't see the 192.168.1.x address for the
remote server (to use my example), and the server doesn't see that the
clients are using 192.168.1.x.

(Well, they kinda do.  They're accessing SOCKS, and asking the SOCKS
proxy to connect to 192.168.1.x, but the clients don't try to access
the server directly.)

I should point out that none of this is tested yet; it's just my best
guess as to how to pull this off.  But I think it'll work.

(Again: it would be better if we both could afford to number our
internal nets in a noncongested address space.)
-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.