Just "Bridge" the networks together. I think the linux bridging stuff works. If not we have a commercial product that will do it. Dennis At 08:57 AM 06/17/2002, you wrote: >Hi! > >Here's a tough one for all you problem solvers, which might be >of no use whatsoever in the real world, but is academically >challenging nevertheless. > >We have been assigned a task to connect a remote host over an >access network to the main network. To put this in ASCII art: > >remote host main network > --- --- > | | | | > --- --- > | | > | | > | | > --- --- > | |---access network---| | > --- --- > router1 (linux) router2 (linux) > >Sounds simple. But isn't (at least for us). >Main network is assigned an IP network (eg. 10.0.0.0/24). >Unfortunately, the 'remote host' has an IP address in this >network too, and this can't be changed. In fact, the whole >purpose of this setup is to relocate the remote host from >the main network to a remote location without altering >any configuration of the mein network or remote host. > >The assignment is to configure the linux routers in such a >way that the remote host can access the main network and >every host in the main network can access the remote host >in a transparent way, which means: > >- ARP >- DHCP >- IP > >...must all work transparently. > >Tunneling is not an option, since the packets must be inspectable >by the access network. > >Weird setup, but it definitely adds some fun to the challenge :) > >We looked into the linux 2.4 packet filter and other capabilities, >and the solution approaches so far contain: > >1. Solution >=========== >For ARP, router2 on the main network gets assigned the IP address >of the remote host. Therefore, it answers ARP requests and get's >all packets destined for remote host. >The problem with this is, how can the packets destined for remote >host be forwarded away from router2, when it has an own >interface with this IP address? > >2. Solution >=========== >Use proxy ARP. As I understand, this only works for networks which are >directly connected to the router. So, router2 can't use proxy ARP. > >3. Solution >=========== >Could NAT help us in any way? We don't think so, although 'creating >null mappings' in Rusty's NAT HOWTO suggest this could be possible. > >Another trap: How do we tell router1 to answer ARP for all addresses >in the main network ? > >At this point, we can't come up with a solution that solves these >problems. Therefore, even pointers in which direction we should >concentrate our efforts or references to solutions of simlar problems >would be great. > >Please note the fact that we know that this setup does not use IP >in the way it is desingned, since using proper addressing would >solve all those problems immediately (DHCP needs helper anyway) >without any hassle, but the IP address of the remote host cannot >be changed. > >Any hint or pointers would be greatly appreciated. Even flames >about the setup are gladly discarded since we can't change it :) > >Gruß, >Walter >-- >Fraunhofer-Einrichtung Systeme der Kommunikationstechnik (ESK) > >Walter Zimmer Hansastraße 32 >Dipl.-Inf. D-80686 München > Telefon: +49(0)89-547088-344 >walter.zimmer@esk.fraunhofer.de Telefax: +49(0)89-547088-221 >- >: send the line "unsubscribe linux-net" in >the body of a message to majordomo@vger.kernel.org >More majordomo info at http://vger.kernel.org/majordomo-info.html - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
