[Gloucs] n2n

Alaric Snell-Pym alaric at snell-pym.org.uk
Fri Aug 21 08:23:59 UTC 2009


I've been having some fun with n2n lately. It's a little-heard-of
package that does virtual Ethernets in a peer-to-peer fashion, using a
pool of central directory servers for everyone to register "I have mac
XX:XX:XX:XX:XX:XX and I'm on real-world IP A.B.C.D", so that peers can
send Ethernet frames encrypted and wrapped in UDP to each other
directly, or ask the directory servers to relay packets into nodes
behind NAT.

http://www.ntop.org/n2n/

We've used it to set up a VPN for work, replacing the old PPTP-into-a-
Cisco-PIX-at-the-office solution, and benefits have included:

1) Not having to mess with Cisco stuff
2) As it works by sending periodic announcements to the directory
server, it just keeps working as I move between networks, open and
close my laptop, etc., while the PPTP VPN always needed re-connection
as it was very stateful
3) It just seems to work better (the PPTP VPN would kick people off at
random, sometimes be unresponsive for a while although we could ping
the PIX via the Internet, etc.)
4) If the office SDSL goes down, remote workers can still connect
directly to each other over the VPN, which is useful as we have a very
distributed git-based development process and can pull changes from
each other's laptops, so work can continue. We can even tolerate the
loss of a directory server, as we have two.

Ok, much of that boils down to "PPTP is rubbish" or "Cisco's PIX
implementation of PPTP is rubbish", but either way, n2n is a definite
improvement ;-)

ABS

--
Alaric Snell-Pym
Work: http://www.snell-systems.co.uk/
Play: http://www.snell-pym.org.uk/alaric/
Blog: http://www.snell-pym.org.uk/archives/author/alaric/





