i'm doing debian VPN research for a red-hat fan. hopefully
we'll get another 'sale' under our belts shortly...
short version: if i've got ipmasq (which i do) working,
can i conjure up a few more settings for VPN? if so,
how? (HOWTO sez to rearrange kernel guts, which i'm averse
to.)
long version:
i found VPN-Masquerade-HOWTO.txt.gz and it looks like
an overview of the fact that VPN is possible if you're
willing to get elbow-deep in the bowels of your kernel.
aaugh! hopefully there's a debian package that's got
this built in... plus, the HOWTOs are old enough,
maybe the kernel just comes with VPN already...?
also, ipfwd and ipport aren't apt-get package names,
so where are they hidden?
and in VPN-HOWTO.txt.gz i ran across
For those using 2.2 kernels, please read ``this''.
which struck me as very funny.
at www.debian.org with no search capabilities,
i had some difficulty... but i found this:
http://www.debian.org/Packages/stable/net/ipip.html
This daemon provides an alternative to the kernel-resident support
for IP encapsulation links. It is better suited for situations
where there are many encapsulation connections to be managed,
such as is the case for amateur radio interconnection of network
44. Also, because the daemon is outside the kernel, it provides an
excellent environment for experimenting with alternate mechanisms
for distributing encapsulation routing updates.
If you need one encapsulation link, use the kernel's built-in
support. If you need a lot of encapsulation links, give this
daemon a try.
i presume encapsulation link is technospeak synonym for VPN?
this implies that the kernel can do what i'm after, right out
of the box.
if it's built in to the kernel, how do we activate it and
where do we put the settings?
or am i all wet, again, and encapsulation link means something
else entirely?
