[MLB-WIRELESS] possible vpn and public ip address allocation option

mw at freenet.net.au mw at freenet.net.au
Tue Mar 16 20:55:35 EST 2010


> > I think one of the aims of having a public ip address at the user was
> > so they can run a publicly accessible server, they have a public ip,
> > and can run services on it as they wish.
> Yep. And it works quite well.

OK, in which case why would any VPN be required?  In that instance, a simple destination address NAT at the border would do the job just fine.

Even so, I don’t understand why would you publish some service via melbournewireless when it can be done via a local internet connection just the same...

> Unfortunately these protocols don't work quite so well with dynamic
> addresses so, for temporary (or trial) access, having a negotiated protocol
> like OpenVPN, PPTP or L2TP would be a better option. Mike's generous offer
> of a RouterBoard would be an excellent solution - it's what I've been using
> at home - and I'm sure we can come up with some way to provide Radius or
> some other form of identification from melbournewireless.org.au.

Should be quite easy really - only a matter of /where/ to put it.  The way I work it, if there was a VMWare platform available for MW services, it would be easy as pie to add services to the mix by simply running up a new VM with the new service - for example a VM running freeradius could be developed with read-only access to the database, and thereby no danger of damage to the database contents.

Furthermore, this sort of setup could support various project teams working on some area of specific interest to individuals - we could have an SNMP project, a mailing list project, web site project, wiki project and so forth, all on independent VMs.  Nobody needs to get root access to something they aren't involved in.  Furthermore, individuals can easy establish copies of the VMs relevant to their project to work on independent development components.



More information about the Melbwireless mailing list