… | |
… | |
127 | .\} |
127 | .\} |
128 | .rm #[ #] #H #V #F C |
128 | .rm #[ #] #H #V #F C |
129 | .\" ======================================================================== |
129 | .\" ======================================================================== |
130 | .\" |
130 | .\" |
131 | .IX Title "VPE 8" |
131 | .IX Title "VPE 8" |
132 | .TH VPE 8 "2003-03-24" "0.1" "Virtual Private Ethernet" |
132 | .TH VPE 8 "2003-03-26" "0.1" "Virtual Private Ethernet" |
133 | .SH "NAME" |
133 | .SH "NAME" |
134 | vpe \- Overview of the virtual private ethernet suite. |
134 | vpe \- Overview of the virtual private ethernet suite. |
135 | .SH "DESCRIPTION" |
135 | .SH "DESCRIPTION" |
136 | .IX Header "DESCRIPTION" |
136 | .IX Header "DESCRIPTION" |
137 | Vpe is a suite designed to provide a virtual private network for multiple |
137 | Vpe is a suite designed to provide a virtual private network for multiple |
138 | nodes over an untrusted network. |
138 | nodes over an untrusted network. |
139 | .PP |
139 | .PP |
140 | \&\*(L"Virtual\*(R" means that no physical network is created (of course), but an |
140 | \&\*(L"Virtual\*(R" means that no physical network is created (of course), but an |
141 | ethernet is emulated by creating multiple tunnels between the member |
141 | ethernet is emulated by creating multiple tunnels between the member |
|
|
142 | nodes. |
|
|
143 | .PP |
142 | nodes. \*(L"Private\*(R" means that non-participating nodes cannot decode |
144 | \&\*(L"Private\*(R" means that non-participating nodes cannot decode (\*(L"sniff)\*(R" nor |
143 | (\*(L"sniff)\*(R" nor inject (\*(L"spoof\*(R") packets. In the case of vpe, even |
145 | inject (\*(L"spoof\*(R") packets. |
144 | participating nodes cannot spoof packets from other nodes. And \*(L"network\*(R" |
146 | .PP |
145 | means that more than two parties \- many so-called vpn solutions only |
147 | In the case of vpe, even participating nodes cannot sniff packets send to |
146 | create point-to-point tunnels \- can participate in the network, so it's |
148 | other nodes or spoof packets as if sent from other nodes. |
147 | possible to connect multiple branches of a company into a single network. |
149 | .PP |
|
|
150 | \&\*(L"Network\*(R" means that more than two parties can participate in the |
|
|
151 | network, so for instance it's possible to connect multiple branches of a |
|
|
152 | company into a single network. Many so-called \*(L"vpn\*(R" solutions only create |
|
|
153 | point-to-point tunnels. |
148 | .Sh "\s-1DESIGN\s0 \s-1GOALS\s0" |
154 | .Sh "\s-1DESIGN\s0 \s-1GOALS\s0" |
149 | .IX Subsection "DESIGN GOALS" |
155 | .IX Subsection "DESIGN GOALS" |
150 | .IP "\s-1SIMPLE\s0 \s-1DESIGN\s0" 4 |
156 | .IP "\s-1SIMPLE\s0 \s-1DESIGN\s0" 4 |
151 | .IX Item "SIMPLE DESIGN" |
157 | .IX Item "SIMPLE DESIGN" |
152 | Cipher, \s-1HMAC\s0 algorithms and other key parameters must be selected |
158 | Cipher, \s-1HMAC\s0 algorithms and other key parameters must be selected |