Re: Transport Mode IPSEC



Dan,

You do realize, don't you, that since both of these hosts are on a switch,
and are using unicast traffic to communicate with each other, that they
cannot be sniffed, don't you?

You might read up on ethernet switching technology a bit before
answering that.

Most people don't wear 2 condoms, you know.

Ted

----- Original Message -----
From: "Dan Mahoney, System Admin" <danm@xxxxxxxxxxxxxxx>
To: <questions@xxxxxxxxxxx>
Sent: Wednesday, January 17, 2007 11:28 PM
Subject: Transport Mode IPSEC


Hey all,

I see the handbook has a nice howto on tunnel mode ipsec. I just want to
protect my NFS/NIS traffic between two hosts on a switch (neither NAT'd)
-- is there a reference as to transport-mode ipsec anywhere, or has anyone
done it that can outline it? I would imagine it would be drastically
simpler than tunnel mode, but I'm not sure where it would break off.

-Dan

--

"A mother can be an inspiration to her little son, change his thoughts,
his mind, his life, just with her gentle hum."

-No Doubt, "Different People", from "Tragic Kingdom"


--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------

_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@xxxxxxxxxxx"

