Ok, I'm glad that it's possible, I just don't know how to put it all together yet.
So I would have to create 2 gif tunnels at each branch office. One going over the leased lines and the other over internet. Over these GIF tunnels I would run ipsec to encrypt the data? Could you give some more information how to set this up? Just a overview. It's all a bit overwhelming to be honest. Regards, Kor Boerema -----Original Message----- From: tony sarendal [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 23, 2005 2:26 PM To: Kor Boerema Cc: misc@openbsd.org Subject: Re: Redundant links with BGP and VPN On 23/11/05, Kor Boerema <[EMAIL PROTECTED]> wrote: > Hi Tony, > > Thanks for the reply. > > In what ways do the GIF tunnels differ from a normal ipsec tunnel? > By using a tunneling protocol your traffic will from an ipsec point of view always have the same source/destination. You also avoid fragmentation of packets if the hosts talking support PMTU discovery, unless your tunnel mtu is too big of course.
