If you can be bothered reading all this and even answer just some of my questions I'd be very pleased!
I want to provide a backup for a LES100 link between 2 sites using dynamic routing over adsl/ipsec. The proposed solution involves purchasing a couple of expensive cisco layer 3 switches that are used to run eigrp over a the LES100 and a ipsec/gre tunnel between a nokia firewall and a cisco 837 adsl router. The nokia is already there so it's not a problem; however I think I can replace the cisco switches with a couple of openbsd boxes which can run ospf over ipsec/gre. (I can probably also replace the 837 with a much cheaper adsl router and use openbsd as an ipsec gateway/router). Can anyone forsee any problems doing this with the current state of ospf within openbsd? Or gif instead of gre perhaps? Would using bgp for dynamic routing be a better solution as I've read that bgp can be run over ipsec without the need for a gre tunnel and so would provide better performance. (I've never configured bgp though). Finally, do you think some standard PCs/soekris boxes (perhaps with CARP for failover?) would be sufficient for the routers? Any comments or examples of similar configurations would be much appreciated! Kind regards, Stephen Marley -- [EMAIL PROTECTED]
