[ previous ] [ next ] [ threads ]
 
 From:  JT <j dot tarot at tecsas dot fr>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] SDSL/MPLS cross-site link
 Date:  Tue, 6 Dec 2005 18:00:24 +0100
> > From: "JT" <j dot tarot at tecsas dot fr>
> >
> > > I've no control on cisco (1700) routeurs which are managed by
> > > the ISP.
> >
> > This could be a problem.  You will need the cooperation of the
> > ISP.
> >
> > > ATM, I've made the base setup so, from the m0n0wall interface,
> > > I can ping the ciscos. But no chance from the LANs.
> > > I've tried to add a rule that allow all trafic from "SDSL nets"
> > > on opt1 interfaces to any... still unsuccessful.
> >
> > You need static routes to the Cisco routers for the other LAN. 
> > However, the
> > Cisco routers also need those static routes.  It sounds like the
> > Cisco routers don't know about any of the 192.X.X.X addresses, so
> > the packets stop
> > there.  Try a traceroute, and I bet you fail at the Cisco.
>
> Does your ISP allow you to inject routes into their CPE router via
> a routing protocol?
>

Don't know... will ask tomorrow.

> The standard way for an ISP to propagate customer routes across an
> MPLS VPN is by using OSPF/RIP and then propagating them across it's
> network using MP-BGP. Unfortunately m0n0wall, afaik, can't do any
> dynamic routing, but if the ISP allows it, you might be able to
> find a cheap router to stick between the CPE and m0n0wall or use
> pfSense+zebra or something.
>

hmm, these are not_so_good news :'(

> Is this just a simple point to point link? Or are there multiple
> sites connected via it?

Simple point to point link.

Thanks