Hi,

I've been running NetBSD on my Quadra 700 very happily for almost 3 
years now. Looking for a new challenge, I'm trying to set up a VPN 
type thing between between my Quadra and another NetBSD box (pentium) 
I have in another city. Both NetBSD boxes are connected to 
cable-modems, and serve as NAT gateways for the local networks they 
are connected to.
Delving into the NetBSD website, there is little I can find in terms 
of docs on tunnelling and VPNs. 'man gre' and 'man ipip' are also 
less than informative. As far as I can tell, there are four available 
tunnelling interfaces: gre, ipip, gif and tun. All implement 
different tunnelling protocols, except ipip which seems to be a 
subset of gif. As far as I can tell, any one of gre, ipip or gif 
would let me do what I want - set up a tunnel between the two NetBSD 
boxes and route packets between the two local networks as if they 
were 'just next-door'. Here's to my actual questions then:
On the pentium tun, ipip and gre interfaces are available (kernel 
1.4.1 GENERIC #1). On my Quadra, only the tun interface is available 
(kernel 1.4.1 GENERIC #0). Do I need to compile a new kernel? How do 
I activate the tunnelling interfaces on the mac?
Is the gif interface a mainly ipV6, KAME development thing, requiring 
NetBSD 1.5 and kernel recompiles, or is can it be installed via the 
package-source or some other easy way?
Am I right in assuming the tun interface is not good for my purposes? 
As far as I can tell it seems to be more intended to transfer network 
streams to other hardware/software...
Where can I find more docs on this? Does anyone have a clear answer 
as to which is better for my purposes: ipip, gif or gre tunnelling?

Thanks a lot for your time,
Richie