Le 21/07/2019 à 12:31, Rob Janssen via 44Net a écrit :
Same thing here. We are not an island but still we feel that we need to use a local gateway where everyone is connected using modern technologies compatible with today's internet connections and equipment. Our gateway is still connected to the IPIP mesh but the individual stations are connected using another VPN type.
As we are several people using this kind of topology, maybe we can detail our configurations, protocol choices, with advantages and drawbacks.
Then, maybe, we can compare our various options, discuss about them, and converge to some kind of "normalization", so that everybody makes similar things, and these things are easier to reproduce elsewhere in the world.
Of course, I may still continue using Shorewall when other may prefer pfSense. But if we manage to agree on a common VPN technology (L2TP ? OpenVPN ? IPSec ? etc...) and routing infrastructure (iBGP already works on HamNet; should we keep it for internal routing, or can we improve it, f/ex with something handling link priority and weight ?), that would be great.
I will not have much availability in the next 15 days, but after that, I planned to work on OpenVPN and OSPF for migrating our old 10.44.0.0 network to AMPRNet. I'll be happy to exchange our experiences, and see how we can improve. OSPF is still in "beta" here; we can still test something else before we migrate all our sites.
73 de TK1BI