
I have a main network (Net-A), where my work should be done. On the other network, I have a host server that can reach Net-A. On the host server, I'll create a couple of virtual machines, and what I want to achieve is that those virtual machines get DHCP addresses from Net-A and in turn act just as if the VMs were on Net-A.

One thing to mention is, the host server has only an IPv6 address, but virtual machines should get both IPv4 and IPv6 addresses from Net-A.

My rough thinking is:

  1. Have a server in Net-A as an IPsec VPN server.
  2. On the host server, create a VPN connection to the VPN server.
  3. Then when I deploy VMs on the host server, the VMs should get a DHCP address from the VPN server.

In other words, I want to tunnel the virtual machines' L2 packets to Net-A over an IPv4 IPsec tunnel. Any suggestions?

1 Answer

Actually you can use any type of the available VPNs.

I suggest you use IPsec VTI/st, which Juniper, Cisco or Linux are capable of. But basically you should avoid bridging L2 over L3; this is a source of numerous complications. I recommend using the usual routed setup.

Alternatively, you can use a GRE or IPIP tunnel inside an IPsec encrypted transport. Address family doesn't matter here; you can easily use IPv4 in the tunnel over the IPv6 transport.

drookie