Tunneling in Ubuntu
NoOp
glgxg at sbcglobal.net
Thu Feb 4 01:27:57 UTC 2010
On 02/03/2010 02:21 PM, Smoot Carl-Mitchell wrote:
> On Wed, 2010-02-03 at 22:40 +0100, Werner Schram wrote:
>>
>> On Wed, Feb 3, 2010 at 7:02 AM, Nazeem نجم لدين <nazeemnss at gmail.com> wrote:
>> >
>> > hi,
>> > Can you suggest way of getting a multicast tunnel work. The assumption is
>> > that there is a unicast cloud in between two mbone networks. So we need to
>> > forward the multicast traffic over the unicast tunnel. Application is for
>> > video transmission.
>> > -Nazeem
>> >
>>
>> I think you should be able to do it with openvpn. Using the tap setup,
>> you can create a OSI layer 2 tunnel, which should be able to handle
>> ip-multicast. You then need to update the routing tables in both
>> networks to send multicast traffic to the tunnel in stead of the router.
>> If you fully thrust the connection between the two networks, you could
>> disable openvpn's encryption for better performance.
>
> You can also do this with SSH which I find simpler than openvpn to
> configure (although I have done both). Check out the -w argument to SSH
> and the 'Tunnel' configuration parameter. Tunnel lets you do either
> layer 3 (point-to-point) or layer 2 (ethernet). You do incur the
> encryption overhead, but I would not run a VPN connection over the
> Internet unencrypted.
>
>
Or, buy and use routers on each end that do the vpn encryption in
hardware. I typically avoid software vpn solutions (except for roaming
clients) for commercial/semi-commercial/private vpn networks. In the
past I've used (and still do) Linksys/Cisco BEFVP41 routers on each end.
I'm sure that there are now more modern models that can do this as well,
but the BEFVP41's (model 2/2.1) have been quite trustworthy. Setup is
simple, the encryption takes place in the hardware so it's fast and
doesn't require client software on each side of a direct connect, and
both sides can be set up to autoconnect & use keepalive to stay up even
with non-static ip addresses (I use dyndns.org for my non-commercial dsl
connections).
More information about the ubuntu-users
mailing list