Re: [LARTC] Iptables, SNAT/MASQ, Multiple gateways

[Julian Anastasov <ja@ssi.bg>]

	Hello,

On Mon, 30 Sep 2002, Michael T. Babcock wrote:

> Don Cohen wrote:
>
> >I actually sent a proposal to this list that I think provides a good
> >solution to the general problem: an extension to TCP (possibly even
> >IP) that supports multiple addresses/ports.  This would even allow you
> >to switch addresses in the middle of a connection.  I think what I

	Yes, we can implement it as separate IP protocol :)
Of course, at the beginning the idea may sound too stupid, we
have to change that. May be there is already solution for that?
A "simple" tunnel without encryption that will support failover
and balancing of the negotiated traffic, ability to negotiate
multiple IPs for each endpoint. Of course, there should be some
problems with the proper tunneling of this traffic in each end,
see how difficult is routed the IPSec traffic. Each endpoint will do
failover detection of all negotiated links and will do balancing (if
desired) over these links, based on relative ratio. This tunnel
should be transparent to the upper layers (TCP/UDP/ICMP/SCTP).

> SCTP actually supports this already; look it up -- its quite a bit
> different from TCP but allows you to do all the same types of things,
> with more options.

	But this feature is only for SCTP. We want the traffic
from one multihomed router to use multiple links when talking
to another router, both understanding this "our new" IP tunneling
protocol.

	I see it in this way: when such packet is received, we
decapsulate it and place it on the expected interface. As
result, the upper layers will see the packet on the right
input interface even if it is received on another input
interface (for example, if it is the only alive).

Regards

--
Julian Anastasov <ja@ssi.bg>

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/