Subject: Re: tap(4) + bridge(4) + OpenVPN advice sought
To: Sean Davis <firstname.lastname@example.org>
From: Thor Lancelot Simon <email@example.com>
Date: 07/11/2005 00:18:34
On Mon, Jul 11, 2005 at 12:02:34AM -0400, Sean Davis wrote:
> Linux host @ hosting provider: 64.34.xx.xx
> Home LAN: 192.168.1.xx
> I'd like to make the Linux box appear as, say, 192.168.1.99, to machines in
> the home LAN.
The clean way to do this is with tunnel mode IPsec and a tiny routed piece
of your home network -- chop off four addresses and throw them over there.
The dirty way, which doesn't burn any address space, is with tunnel mode
IPsec and proxy ARP.
Either will work. No tap nor bridge required. Though they're a bit
cryptic, I think the examples in the IPsec policy and setkey manual
pages will give you enough to set this up (you want tunnel-mode ESP).
You can configure the single 192.168.1.99 address as an alias on loopback
on the machine at the hosting provider.