Subject: Re: NAT/GRE and IPsec transport interaction
To: NetBSD current-users <current-users@NetBSD.org>
From: David Young <dyoung@pobox.com>
List: current-users
Date: 05/27/2007 14:33:04
On Sat, May 26, 2007 at 05:03:43PM -0400, Andreas Wrede wrote:
> Ok. I need to connect multiple private networks (currently 8) with
> each other in a secure fashion.  At least 2 of these networks have
> multiple connections to the Internet. Two of the gateways are Cisco
> routers, the remaining 6 are NetBSD machines. There is a secondary
> requirement to connect distant private networks, ie. networks that
> have no Internet connection, only a private link to another private
> network.
>
> My solution currently is to create a full mesh of tunnels between all
> nodes, create IPsec transport encryption "underneath" each tunnel and
> run OSPF on top to manage the routing.

Are the private networks all in RFC1918 address space?  Are you
coordinating RFC1918 addresses between networks?  If so, you can uniquely
address the hosts .178.223 and .14.216 by their RFC1918 addresses,
and no hacks are necessary.

> BTW, gre(4) in -current still has the less specific clause.

Thanks!  I fixed that.

Dave

-- 
David Young             OJC Technologies
dyoung@ojctech.com      Urbana, IL * (217) 278-3933 ext 24
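Added example, not part of the thread above: a small Python check for the two points the reply raises (are all site prefixes RFC1918, and are they coordinated so a host is reachable by exactly one address) plus a generator for the per-node setkey(8) SPD lines that require transport-mode ESP on GRE (protocol 47) toward every peer in the full mesh. The eight-site inventory is constructed for the example; the tunnel endpoints use RFC 5737 documentation addresses and one prefix collision is planted on purpose. The `spdadd ... gre -P out ipsec esp/transport//require;` form is what the NetBSD setkey(8) grammar accepts for an upper-layer protocol name from /etc/protocols; adapt it if your IKE daemon manages the SPD for you.

```python
"""Checks for a full mesh of GRE tunnels protected by IPsec transport mode.

Constructed example: each site has a routable tunnel endpoint (RFC 5737
documentation addresses, not real hosts) and one private prefix.
"""
import ipaddress
from itertools import combinations

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed inventory: site -> (tunnel endpoint, private prefix).
# site3 and site6 overlap deliberately to show what the check catches.
SITES = {
    "site1": ("192.0.2.1", "10.1.0.0/16"),
    "site2": ("192.0.2.2", "10.2.0.0/16"),
    "site3": ("198.51.100.3", "172.16.5.0/24"),
    "site4": ("198.51.100.4", "172.17.0.0/16"),
    "site5": ("203.0.113.5", "192.168.10.0/24"),
    "site6": ("203.0.113.6", "172.16.0.0/16"),
    "site7": ("203.0.113.7", "192.168.20.0/24"),
    "site8": ("203.0.113.8", "10.8.0.0/16"),
}


def is_rfc1918(prefix):
    """True if the prefix lies entirely inside one of the RFC1918 blocks."""
    net = ipaddress.ip_network(prefix)
    return any(net.subnet_of(block) for block in RFC1918)


def non_rfc1918(sites):
    """Sites whose prefix is not private address space."""
    return sorted(name for name, (_, pfx) in sites.items() if not is_rfc1918(pfx))


def overlapping_prefixes(sites):
    """Pairs of sites whose private prefixes overlap (uncoordinated RFC1918 use)."""
    hits = []
    for (a, (_, pa)), (b, (_, pb)) in combinations(sorted(sites.items()), 2):
        if ipaddress.ip_network(pa).overlaps(ipaddress.ip_network(pb)):
            hits.append((a, b))
    return hits


def sites_for_host(host, sites):
    """Every site whose prefix contains host; exactly one means it is uniquely addressable."""
    ip = ipaddress.ip_address(host)
    return sorted(name for name, (_, pfx) in sites.items()
                  if ip in ipaddress.ip_network(pfx))


def mesh_pairs(sites):
    """Unordered site pairs, one GRE tunnel each: N*(N-1)/2 tunnels in total."""
    return list(combinations(sorted(sites), 2))


def spd_entries(local, sites):
    """setkey(8) SPD lines for one node: require transport-mode ESP on all GRE
    traffic to and from every peer endpoint.  Only the GRE packets between the
    two endpoints are matched, so this is independent of what the tunnel carries."""
    me = sites[local][0]
    lines = []
    for peer, (addr, _) in sorted(sites.items()):
        if peer == local:
            continue
        lines.append(f"spdadd {me} {addr} gre -P out ipsec esp/transport//require;")
        lines.append(f"spdadd {addr} {me} gre -P in ipsec esp/transport//require;")
    return lines


if __name__ == "__main__":
    print("tunnels in full mesh:", len(mesh_pairs(SITES)))
    print("non-RFC1918 prefixes:", non_rfc1918(SITES) or "none")
    print("overlapping prefixes:", overlapping_prefixes(SITES) or "none")
    for host in ("10.2.14.216", "172.16.5.9"):
        print(host, "->", sites_for_host(host, SITES))
    print("\n".join(spd_entries("site1", SITES)))
```

Run it once per node to produce that node's SPD; the overlap report is what decides whether hosts can be reached by their private addresses alone, which is the question the reply asks.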