Subject: Re: inside addresses and IPsec
To: None <tech-net@netbsd.org>
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
List: tech-net
Date: 01/10/2001 19:40:41
>>>>> "Michael" == Michael Richardson <mcr@sandelman.ottawa.on.ca> writes:
Michael> Absolutely. I'd like to do something like:
Michael> ifconfig lo1 inet 192.168.1.xxx up (whatever was assigned by the
Michael> gateway)

I tried this:

#!/bin/sh
# spoof out a local PCB
ifconfig lo0 inet 192.168.1.24 alias
route add -net 192.168.1.0 -iface 192.168.1.24
setkey -c <<EOF
flush;
spdflush;
spdadd 192.168.1.24/32 192.168.1.0/24 any -P out ipsec esp/tunnel/A.B.C.D-E.F.G.H/require;
spdadd 192.168.1.0/24 192.168.1.24/32 any -P in ipsec esp/tunnel/E.F.G.H-A.B.C.D/require;
EOF

And it seems to work. I expect to have some problems because the mtu of
"lo0" needs to be lower, but I'll try ttcp with and without PMTU enabled to
see if this causes any real operational issues.

] Train travel features AC outlets with no take-off restrictions|gigabit is no[
] Michael Richardson, Solidum Systems Oh where, oh where has|problem with[
] mcr@solidum.com www.solidum.com the little fishy gone?|PAX.port 1100[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [
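
Added example, not part of the original message: the MTU concern raised above, worked out as ESP tunnel-mode size arithmetic for an IPv4 outer header without options. The cipher parameters (3DES-CBC or AES-CBC with HMAC-SHA1-96), the 1500-byte link MTU and the function names are assumptions; the post does not say which algorithms the SAs use.

```shell
#!/bin/sh
# Added example: how much room ESP tunnel mode leaves for the inner packet.
# Assumed layout: outer IPv4 header | ESP header | IV | inner packet, padding,
# pad-length, next-header (encrypted, block aligned) | ICV.

OUTER_IP=20    # outer IPv4 header, no options
ESP_HDR=8      # SPI (4 bytes) + sequence number (4 bytes)
ESP_TRAILER=2  # pad length (1 byte) + next header (1 byte)

# esp_outer_size INNER IV BLOCK ICV
# Size on the wire of an inner packet of INNER bytes after encapsulation.
esp_outer_size() {
    inner=$1 iv=$2 block=$3 icv=$4
    body=$(( inner + ESP_TRAILER ))
    # Pad the encrypted body up to the next multiple of the cipher block size.
    padded=$(( (body + block - 1) / block * block ))
    echo $(( OUTER_IP + ESP_HDR + iv + padded + icv ))
}

# esp_inner_mtu LINK_MTU IV BLOCK ICV
# Largest inner packet that still fits in LINK_MTU after encapsulation.
esp_inner_mtu() {
    mtu=$1 iv=$2 block=$3 icv=$4
    room=$(( mtu - OUTER_IP - ESP_HDR - iv - icv ))
    # Only whole cipher blocks are usable; the trailer lives inside them.
    echo $(( room / block * block - ESP_TRAILER ))
}

# Assumed algorithm parameters: IV length, block size, truncated ICV length.
echo "3des-cbc + hmac-sha1-96: inner MTU $(esp_inner_mtu 1500 8 8 12)"
echo "aes-cbc  + hmac-sha1-96: inner MTU $(esp_inner_mtu 1500 16 16 12)"

# One byte over the limit costs a whole extra cipher block on the wire.
echo "1446 inner -> $(esp_outer_size 1446 8 8 12) outer"
echo "1447 inner -> $(esp_outer_size 1447 8 8 12) outer"
```

An inner packet larger than the computed value has to be fragmented or dropped after encapsulation, which is the case the ttcp runs with and without PMTU discovery would exercise.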