1 | This directory contains the configuration files for "our" internal |
1 | These files are configuration files for "our" internal network. |
2 | network. |
|
|
3 | |
2 | |
4 | It is highly non-trivial, so don't use this configuration as the basis of |
3 | It is highly non-trivial, so don't use this configuration as the basis of |
5 | your network unless you know what you are doing. |
4 | your network unless you know what you are doing. |
6 | |
5 | |
7 | It features: around 15 hosts, many of them have additional networks behind |
6 | It features: around 30 hosts, many of them have additional networks behind |
|
|
7 | them and use an assortment of different tunneling protocols. The vpn is |
8 | them. The vpn is fully routed, no arp is used at all. |
8 | fully routed, no arp is used at all. |
|
|
9 | |
|
|
10 | The public IP addresses of connecting nodes are automatically registered |
|
|
11 | via dns on the node ruth, using a node-up/node-down script. |
9 | |
12 | |
10 | And last not least: the if-up script can generate information to be used |
13 | And last not least: the if-up script can generate information to be used |
11 | in firewall rules (IP-net/MAC-address pairs) so ensure packet integrity so |
14 | in firewall rules (IP-net/MAC-address pairs) so ensure packet integrity so |
12 | you can use your iptables etc. firewall to filter by IP address only. |
15 | you can use your iptables etc. firewall to filter by IP address only. |