[prev in list] [next in list] [prev in thread] [next in thread] 

List:       cipe
Subject:    Re: Bit by DHCP
From:       Scott Nelson <sbnelson () thermeon ! com>
Date:       1999-07-16 20:02:06
[Download RAW message or body]

If this is simply a question about static IP addresses vs. dynamic IP addresses,
I think I can help.

In the configuration files, on both systems, whenever you want to refer to the
dynamic IP address system, simply put in 0.0.0.0 instead of the IP address.  Then
when the dynamic IP system gets its IP address, it sends packets to the static IP
address system.  If the key is valid, it now uses the new dynamic address to
communicate.

You must restart ciped whenever the outgoing IP address changes.  This means on
the dynamic IP address system, you need to restart cipe whenever you connect to
your ISP.

As far as firewall rules, the only problem I see is that you need to have the udp
port for cipe wide open; someone could try to hijack your session if they knew
the key.  I don't know what happens if they don't know the key -- hopefully the
packets are simply ignored.  Olaf???

Scott


> >       It was bound to happen. One end of a CIPE tunnel has DHCP
> > addresses. However, until today, I've been lucky in that I've had the
> > same IP address there for nearly 10 months. With a chance in IP, of
> > course, the CIPE tunnels no longer match.
> >
> >       On the DHCP client, my rc.firewall grabs the new address from
> > ifconfig, so the firewall rules are correctly set up for CIPE before it
> > is invoked. Short of using a script to rewrite the /etc/cipe/options file
> > before CIPE is run each time, is there any way to have this file set up
> > correctly for this situation? (I tried putting a one-liner into the
> > options file to set the IP, but it doesn't execute.)
> >
> >       On the static IP-ed host at the other end of the CIPE tunnel, the
> > problem is somewhat different. How is it supposed to know when the IP of
> > the DHCP host changes?
> >
> >       Thanks.
> >
> > --
> > Roger Walker                    Voice/Fax 780-440-2685   Network Manager,
> > Director & Senior Consultant,   Pager 780-917-5817       ROPE Internet
> > Services
> > ROSCO Associates Technology     <rats@rat-hole.com>      <rosco@rope.net>
> > Staffing Ltd. (RATS!)           <www.rat-hole.com>       <www.rope.net>
> > "HIS Pain; YOUR Gain"           BLACK RAT: <www.rat-hole.com/black-rat>


--
Message sent by the cipe-l@inka.de mailing list.
Unsubscribe: mail majordomo@inka.de, "unsubscribe cipe-l" in body
Other commands available with "help" in body to the same address.
CIPE info and list archive: <URL:http://sites.inka.de/~bigred/devel/cipe.html>

[prev in list] [next in list] [prev in thread] [next in thread]