Subject: Re: gre encap destination = point-to-point destination
To: Gert Doering <firstname.lastname@example.org>
From: Thor Lancelot Simon <email@example.com>
Date: 11/06/2006 20:42:54
On Mon, Nov 06, 2006 at 11:12:02PM +0100, Gert Doering wrote:
> While at it, the gre(4) man page needs serious rework - the configuration
> example actually *suggests* that it might be a fairly normal thing to have
> the same IP address for "tunnel inside destination" and "tunnel outside
It was probably copied from the gif(4) manual page.
I doubt it matters much for gre, but if this configuration stops working
with gif, it will become _impossible_ to talk to IPsec peers which do not
implement transport mode.
I believe we don't run into the recursion with gif because of the (rather
frightening) way packets actually are fed into gif for encapsulation in
the IPsec case.