From mboxrd@z Thu Jan 1 00:00:00 1970 From: "glynn" Date: Wed, 30 Jan 2002 08:43:22 +0000 Subject: Re: [LARTC] Help with gre tunneling MIME-Version: 1 Content-Type: multipart/mixed; boundary="----=_NextPart_000_009D_01C1A9AD.3ADD42E0" Message-Id: List-Id: References: In-Reply-To: To: lartc@vger.kernel.org This is a multi-part message in MIME format. ------=_NextPart_000_009D_01C1A9AD.3ADD42E0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Do i really need to setup wins server in both sides? and if i configure = one of my windows 98 pc how do make it as a push and pull replication? = and how about nbt node type 8? do you think if i set up dns server it = will work? what should be the best and easy way to have a name = resolution on both ends of the tunnel? Best Regards, Glynn ----- Original Message -----=20 From: Greg Scott=20 To: 'glynn' ; lartc@mailman.ds9a.nl=20 Sent: Friday, January 25, 2002 8:10 PM Subject: RE: [LARTC] Help with gre tunneling The short answer would be yes, but there are lots and lots of details. = =20 Now that your GRE tunnel is up and running, switch your thinking to look at it from Windows' point of view. From Windows' point of view, the GRE tunnel is really a router. So you have LAN A connected to a router, across a WAN, to LAN B. Your Windows PCs have no clue that there is a GRE tunnel in-between. All they know is, their default gateway is the internal IP address of the firewall/router you set up. Well, maybe not their default gateway, but at least they=20 have a route to the LAN on the other side of the tunnel. So what do we need with Windows so that PCs in LAN A can browse (Network Neighborhood) shares offered by computers in LAN B? Assuming Windows 9x, we need a way for NetBIOS name=20 resolution that doesn't depend on broadcasts, so that means you'll=20 need a WINS server in both LAN A and LAN B. You'll want to set=20 up the WINS servers as push/pull replication partners so they both=20 have up to date copies of which systems are where. And you'll need to set up your PCs as NBT node type 8 (I think). This is the hybrid, where PCs first try to resolve names by asking a WINs server and then try a broadcast if that doesn't work. =20 You could also use local lmhosts files for NetBIOS name resolution, but let's not even go there. If you have a Win2000 domain and all Win2000 clients, then the rules are different. In this case, you'll need DNS servers instead of WINS servers. =20 Conceptually, the point is, you need some way to do name resolution on both ends of your tunnel to make this work. =20 You will want to set up some kind of Win NT or Win 2000 domain=20 structure that makes sense, or you will want some kind of=20 workgroup structure that makes sense. So let's say the PCs in LAN A are all members of a workgroup named LANAWG. If you make a PC in LAN B a member of the LANAWG workgroup, and you have name resolution that works, then that LAN B PC should be able to browse its Network Neighborhood and see the shares offered by PCs in the LANAWG workgroup, no matter which side of the tunnel they are on. This all assumes that the Windows PCs do their jobs properly. - Greg Scott -----Original Message----- From: glynn [mailto:glynn@itextron.com] Sent: Friday, January 25, 2002 4:07 AM To: lartc@mailman.ds9a.nl Subject: [LARTC] Help with gre tunneling Hello everyone. is it possible to browse the network neigborhood if = i tunnel to a remote site ? if its possible how?=20 Best regards, Glynn ------=_NextPart_000_009D_01C1A9AD.3ADD42E0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Do i really need to setup wins server = in both=20 sides? and if i configure one of my windows 98 pc how do make it as a = push and=20 pull replication? and how about nbt node type 8? do you think if i set = up dns=20 server it will work? what should be the best and easy way to have a name = resolution on both ends of the tunnel?

Best Regards,

Glynn

----- Original Message -----

From:=20 Greg Scott

To: 'glynn' ; lartc@mailman.ds9a.nl

Sent: Friday, January 25, 2002 = 8:10=20 PM

Subject: RE: [LARTC] Help with = gre=20 tunneling

The=20 short answer would be yes, but there are lots and lots of = details. =20

Now=20 that your GRE tunnel is up and running, switch your thinking=20 to

look=20 at it from Windows' point of view. From Windows' point of=20 view,

the=20 GRE tunnel is really a router. So you have LAN A connected=20 to

a=20 router, across a WAN, to LAN B. Your Windows PCs have=20 no

clue=20 that there is a GRE tunnel in-between. All they know is,=20 their

default gateway is the internal IP address of the = firewall/router=20 you

set=20 up. Well, maybe not their default gateway, but at least they=20

have=20 a route to the LAN on the other side of the = tunnel.

So=20 what do we need with Windows so that PCs in LAN A = can

browse (Network Neighborhood) shares offered by computers=20 in

LAN=20 B? Assuming Windows 9x, we need a way=20 for NetBIOS name

resolution that doesn't depend on broadcasts, so = that means=20 you'll

need=20 a WINS server in both LAN A and LAN B. You'll = want to set=20

up=20 the WINS servers as push/pull replication = partners so they=20 both

have=20 up to date copies of which systems are where. And you'll=20 need

to=20 set up your PCs as NBT node type 8 (I think). This is the=20 hybrid,

where PCs first try to resolve names by asking a WINs server = and=20 then

try=20 a broadcast if that doesn't work.

You=20 could also use local lmhosts files for NetBIOS name=20 resolution,

but=20 let's not even go there.

If=20 you have a Win2000 domain and all Win2000 clients, then the=20 rules

are=20 different. In this case, you'll need DNS servers instead of=20 WINS

servers.

Conceptually, the point is, you need some way to do name=20 resolution

on=20 both ends of your tunnel to make this work.

You=20 will want to set up some kind of Win NT or Win 2000 domain=20

structure that makes sense, or you will want some kind of=20

workgroup structure that makes sense. So let's say the = PCs=20 in

LAN=20 A are all members of a workgroup named LANAWG. If=20 you

make=20 a PC in LAN B a member of the LANAWG workgroup, = and

you=20 have name resolution that works, then that LAN B PC = should

be=20 able to browse its Network Neighborhood and see the = shares

offered by PCs in the LANAWG workgroup, no matter which=20 side

of=20 the tunnel they are on.

This=20 all assumes that the Windows PCs do their jobs = properly.

-=20 Greg Scott

-----Original Message-----
From: glynn=20 [mailto:glynn@itextron.com]
Sent: Friday, January 25, 2002 = 4:07=20 AM
To: lartc@mailman.ds9a.nl
Subject: [LARTC] = Help with=20 gre tunneling

Hello everyone. is it possible to = browse the=20 network neigborhood if i tunnel to a remote site ? if its possible = how?=20

Best regards,

Glynn

= ------=_NextPart_000_009D_01C1A9AD.3ADD42E0-- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/