(no subject)
Marco Berizzi
pupilla at hotmail.com
Fri Jan 27 10:06:42 UTC 2006
Hello everybody.
I would like to deploy dhcp over ipsec with openswan
2.4.x running on linux 2.6.15.1. To achieve this
solution I need dhcp relay agent running on the ipsec
gateway box (there will be also the dhcp server on the
same box). I'm using the native linux 2.6 ipsec (no
KLIPS) so there is no virtual devices. ISC dhcp relay
agent need to know which interface should listen (-i
flag).
This is my ipsec gateway diagram:
+---------+
| OSW-2.4 |
| DHCP-RA |
---eth0-public-ip---+ +---eth1-dmz-public-network
| Linux |
| 2.6.15 |
+----+----+
|
|
|
eth2-private-net
I have posted the same question to the linux netdev
mailing list and Patrick McHardy thinks that it
should possible to change dhcp relay to use regular
UDP sockets instead is AF_PACKET sockets, which
should work fine on the real device. Is this change
possible? (for full thread see
http://marc.theaimsgroup.com/?l=linux-netdev&m=113828075213545&w=2)
TIA
More information about the dhcp-hackers
mailing list