Jesse Hindmarsh <jesse(a)hindmarsh.cc> wrote:
Rob,
I like your thinking. Are you a Cisco guy too? I have been for too long :-)
I am still partial to hardware based solutions.
Jesse - WC3XS, CCNP Voice, CCNP RS, CCDA
I learned networking with the KA9Q software and later when I got a job as a sysadmin I worked
with existing Cisco routers and found many things very familiar. I learned the Cisco stuff myself from
the manuals, have no CC certifications. I converted our existing network at work from leased
lines to VPN some 10 years ago over Internet using DMVPN and it worked very well.
(now we have dedicated lines again, but that wasn't affordable at megabit speeds 10 years ago)
I suggested DMVPN before on this list, and I still think it could be a good option at least when
an open implementation is available. I don't know if it is today, it has been in the works for
some time. (the specs are open)
In the performance class we are operating in, "hardware based" is not really required.
A suitable box (processor and ethernet interfaces) and software (e.g. Linux plus some usermode
tools) can do the same thing. I run IPsec tunnels between Ciscos, between Linux boxes,
and between Cisco and Linux, and it is all inter-operating well.
Of course we don't want to tie ourselves to "only Cisco". But a solution where Cisco and open
implementations (on systems like Linux and BSD) inter-operate is a very good thing.
IMHO we don't need to consider compatibility with DOS (e.g. JNOS on DOS) as critical anymore.
Rob