Re: FreeS/WAN Cluster - our approach

To:	Roberto Nibali <ratz@xxxxxxxxxxxx>
Subject:	Re: FreeS/WAN Cluster - our approach
Cc:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From:	Julian Anastasov <ja@xxxxxx>
Date:	Tue, 19 Feb 2002 23:35:05 +0000 (GMT)

        Hello,

On Tue, 19 Feb 2002, Roberto Nibali wrote:

> >     I don't believe a client will create many ESP connections
> > to one server, this is not a web :))) Note that there must be a save
>
> No but maybe many connection to different servers on the same physical
> segment.

        I see you are talking about connecting a client to
different net entities, what do you mean? Can you give a simple
example? I see it in this way:

- you can create one ISAKMP between each CIP:CPORT and VIP:500

- you can create one ESP transport between CIP and VIP (are many
possible?)

- you can create many ESP tunnels between CIP and VIP, each with
different negotiated subnets, visible for LVS only by inspecting
SPIs

- you can create many encapsulated web connections through one ESP
tunnel, not visible for LVS

> Cheers,
> Roberto Nibali, ratz

Regards

--
Julian Anastasov <ja@xxxxxx>

<Prev in Thread]	Current Thread	[Next in Thread>
FreeS/WAN Cluster - our approach, Henrik Rossner Re: FreeS/WAN Cluster - our approach, Roberto Nibali Re: FreeS/WAN Cluster - our approach, Henrik Rossner Re: FreeS/WAN Cluster - our approach, Roberto Nibali Re: FreeS/WAN Cluster - our approach, Julian Anastasov Re: FreeS/WAN Cluster - our approach, Roberto Nibali Re: FreeS/WAN Cluster - our approach, Julian Anastasov <=

Previous by Date:	Re: FreeS/WAN Cluster - any experiences?, Roberto Nibali
Next by Date:	No stats problem, Mike Zimmerman
Previous by Thread:	Re: FreeS/WAN Cluster - our approach, Roberto Nibali
Next by Thread:	LVS NAT with VPN, Mark Weaver
Indexes:	[Date] [Thread] [Top] [All Lists]