[HECnet] VPN?
Johnny Billquist
bqt at softjar.se
Mon Nov 9 10:06:06 PST 2009
Sampsa Laine wrote:
Guys,
I realise that at the moment there aren't many people involved that do not have static IPs but I think as time goes on consumer grade ISPs are going to start cutting back on the amount of IPs a residential customer can have.
With this in mind, might there be some mileage in setting up a VPN for HECnet use? This way we would not need to worry about whether we have public static IPs in the future (most VPNs are happy to work with DYNDNS etc) and it would also add a layer of security to HECnet without any changes needed to the bridge etc.
Add security?
You mean as in me opening my internal network to all kind of IP traffic
from any other HECnet user? As opposed to today, when they can only
transmit DECnet packets to my internal network?
Not forgetting that we'd still need the bridge software, since no VPN
solution I know of, is able to route DECnet natively.
And not to forget that DYNDNS is a security problem in itself. :-)
And we'd also still get the occasional disruption in traffic when
someones address do change, until the DNS is updated and propagated.
What we would gain would be an automatic recovery, which we don't have
today.
Maybe it would be more worthwile for someone to hack my bridge just a
little, so that changes in DNS names were discovered, and automatically
handled.
Heck, you don't even have to change my bridge program. Just add a small
monitoring program, who don't do anything else than regularly check if
any of the names in the bridge.conf file have changed to resolve to a
different IP address, and if so, send a HUP to the bridge program, and
we'll be back in business.
Johnny
--
Johnny Billquist || "I'm on a bus
|| on a psychedelic trip
email: bqt at softjar.se || Reading murder books
pdp is alive! || tryin' to stay hip" - B. Idol
More information about the Hecnet-list
mailing list