[ale] Routing Questions

Geoffrey esoteric at denali.atlnet.com
Sun Dec 2 20:45:06 EST 2001


Okay guys, I've put some thinking into this and I see the err in my
ways.  If the private networks have multiple devices (machines) you
can't just NAT through the internet if the private machine on NET A
wants to talk to a private machine on NET B, since NATing will make it
appears as it's always the machine with the public IP sending stuff.

DUH, sorry it took me so long.....

Geoffrey wrote:
> 
> Joseph A Knapka wrote:
> >
> > Geoffrey wrote:
> > >
> > > Joseph A Knapka wrote:
> > > >
> > > > Chris Fowler wrote:
> > > > >
> > > > > I have 2 networks now.  One in Buford and One in Alpharetta.
> > > > >
> > > > > Alpharetta:  192.168.2.0
> > > > > Buford:  192.168.1.0
> > > > >
> > > > > Both networks are connected to the internet using telocity.  I want to be able to route packets between both of the private nets.  Is this possible since these
> > > > > are 192.168.*.
> > > >
> > > > You need some form of VPN.
> > >
> > > Why?  I can understand if you want the connection to be secure, but I
> > > didn't catch that in the original post.  Why can't he use the ips
> > > provided by the telocity connections to provide the connectivity?
> >
> > Because his network addresses aren't publically routable.
> 
> I realize that, hence the suggestion of using the ips provided by
> telocity.
> 
> My point is, there are two issues here.  The connectivity issue, I
> think, can be fixed without a vpn solution.  I just didn't see anything
> in the original posting that indicated he wanted/needed to protect the
> data.
> 
> As I recall, the question was about routing from A to B, nothing noted
> regarding encryption or protection.  He may not care who sees the stuff,
> who knows.
> 
> > He has one publically-routable address on each network,
> > but the machines behind the routers are on 192.168.* nets.
> > Granted, he wouldn't need a virtual *private* network,
> > put he most definitely needs a tunnel of some sort, and
> > it doesn't seem prudent to tunnel unencrypted data across
> > the public network.
> >
> > Cheers,
> >
> > -- Joe
> 
> --
> Until later: Geoffrey           esoteric at denali.atlnet.com
> 
> "...the system (Microsoft passport) carries significant risks to users
> that
> are not made adequately clear in the technical documentation available."
> - David P. Kormann and Aviel D. Rubin, AT&T Labs - Research
> - http://www.avirubin.com/passport.html
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
> sent to listmaster at ale dot org.

--
Until later: Geoffrey		esoteric at denali.atlnet.com

"...the system (Microsoft passport) carries significant risks to users
that
are not made adequately clear in the technical documentation available."
- David P. Kormann and Aviel D. Rubin, AT&T Labs - Research
- http://www.avirubin.com/passport.html

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list