Patrick McHardy wrote:
Marco Berizzi wrote: > I would like to deploy dhcp over ipsec with openswan > 2.4.x running on linux 2.6.15.1. To achieve this > solution I need dhcp relay agent running on the ipsec > gateway box (there will be also the dhcp server on the > same box). I'm using the native linux 2.6 ipsec (no > KLIPS) so there is no virtual devices. ISC dhcp relay > agent need to know which interface should listen (-i > flag). With KLIPS I set '-i ipsecX' interface. What > should I specify when I'm using the native 2.6 stack? You can use ipip or gre tunnels over IPsec and use these devices.
I can't use ipip or gre tunnels over IPsec because the other peer doesn't support them :-((
If you're using ISC dhcrelay you'll need to patch the BPF expressions to handle the link type correctly.
Thanks for the response. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
