Posted: Sun Sep 21, 2014 8:58 pm
by rdmweb

I'm writing here in search of advice and useful insight regarding a problem I need to tackle and I'm not sure what road to take.

I'm managing a fairly large 100% ROS-based FreeWiFi network. The network is almost not routed and it's all a single bridged blob.

Over thirty APs and many PTP wireless connections have been dislocated around two sides of a sea strait to provide a free wifi service for the clients of a local shipping company. Through weird wireless connections, and regular cabling, the whole thing spans several sites on both sides of the sea 10 km away.

The whole thing is working very nicely... so nicely that my client has realized that the network infrastructure that has been deployed for the "free public service" is by far more effective and fast than his regular flimsy office connections, when it comes to traversing the strait.

The request is simple... can we use the free network to transport some private stuff as well? Obviously yes.

I went into some deep reading about tunnels, authentication, VPNs and security and I must admit I'm a bit overwhelmed by the plethora of options and I would like someone to point me in the right direction.

I have a nice RB1100AHx2 on top of everything and he's doing all the work. All the other actors (all ROS) are bridged one way or the other and simply play the slave role in this.

I would like to blindly map some ethernet ports on these little ROS devices around the network, to a single (eth11 would be nice) port on my main router.

I don't want the router to have any insight on what's "after" that port since that would mean me having to deal with the rest of their huge network. My dream is to tell them: plug anything you like on port 11 of the main router and that will be bridged to port 3 (just a random number) of all the small routers around the network. No responsibility... blind tunnel between a port on one side and one on the other side.

That would mean to just get a nice red marker and paint port 3 on all the routers with a nice label like "internal office".

What do you think I should use?

Thank you in advance to anybody that can spare a few moments to shed some light on this issue.

Posted: Sun Sep 28, 2014 11:08 pm
by rdmweb
Anyone with some insight please?

Posted: Thu Oct 02, 2014 6:09 pm
by mtandrew
So you want port11 on RB1100AHx2 to be directly connected to another router somewhere far away and basically use all this "RB1100+otherROS" setup as UTP wire?

In this case you may use an EoIP tunnel between two routers and add port11 on one side and port3 on the other to the same bridge. Of course if security is important then you need to secure this tunnel with IPsec, etc.
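
The EoIP-plus-IPsec setup suggested in the reply above, written out as an added example (not part of the original thread) for the main router and one remote router. The addresses, interface and bridge names, tunnel ID and secret are placeholders, `ether11`/`ether3` assume default port naming, and the `ipsec-secret` property assumes a RouterOS release that supports it on EoIP interfaces.

```routeros
# Added example; all names, addresses and the secret are placeholders.
# Without ipsec-secret the tunnel is plain GRE (IP protocol 47): the office
# frames would cross the public bridged WiFi network unencrypted.

# --- Main router (RB1100AHx2), tunnel endpoint 192.0.2.1 ---
# tunnel-id must match on both ends. ipsec-secret makes RouterOS create the
# IPsec peer and policy dynamically; fast path must be off for that to work.
/interface eoip add name=eoip-office-a local-address=192.0.2.1 \
    remote-address=192.0.2.2 tunnel-id=11 \
    ipsec-secret="REPLACE-WITH-LONG-RANDOM-SECRET" allow-fast-path=no

# Dedicated bridge holding only the office port and the tunnel. ether11 must
# first be removed from the public bridge (or switch group) so private
# layer-2 traffic never mixes with the free WiFi segment.
/interface bridge add name=br-office
/interface bridge port add bridge=br-office interface=ether11
/interface bridge port add bridge=br-office interface=eoip-office-a

# --- Remote router, tunnel endpoint 192.0.2.2 ---
/interface eoip add name=eoip-office local-address=192.0.2.2 \
    remote-address=192.0.2.1 tunnel-id=11 \
    ipsec-secret="REPLACE-WITH-LONG-RANDOM-SECRET" allow-fast-path=no
/interface bridge add name=br-office
/interface bridge port add bridge=br-office interface=ether3
/interface bridge port add bridge=br-office interface=eoip-office

# Each additional remote router needs its own EoIP interface on the main
# router, with a unique tunnel-id, added to br-office in the same way.

# Checks to run on either end once both sides are configured:
#   /interface eoip print          (tunnel shows the running flag)
#   /ip ipsec installed-sa print   (SAs exist between the two endpoints)
```

No IP address is assigned to `br-office` on either router, so the routers only forward frames between the marked port and the tunnel and take no part in the office network.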