Hi Shawn, On Thu, 26 Feb 2015 Shawn Heisey wrote:
> I'm looking for encryption that's completely transparent to programs, > will > work properly across multiple servers with IP multicast, and has > relatively low computational overhead during most of its operation. This sounds like a VPN ;) > SSL has a relatively high cost to establish a tunnel due to PKI with > large > keys, but if the tunnel is maintained, the encryption is fairly cheap > in > CPU terms. If you use IPSEC with key-based authentication (IKE) the costs for establishing a tunnel is probably similar - it has to run a challenge-response based on RSA (or DSA or ...). > If this community can help me piece together a solution from what's > already out there and your expertise, I will write the whole thing up > and post it on my blog, with permission to this community to re-use > it > in any way you wish. Based on your description it sounds like you just need (Open-)VPN and routing. If you really need a mesh-ish topology (without central) server you might want to use p2p topology. The easiest scenario would be: $ openvpn --dev tun --ifconfig 10.0.0.1 10.0.0.2 --secret shared.key \ --route ... on the udp "server" side and $ openvpn --dev tun --ifconfig 10.0.0.2 10.0.0.1 --secret shared.key \ --route ... --remote openvpn-server.example.com on the udp "client". The keyfile can be generated on one machine and copied to the other VPN machine: $ openvpn --genkey --secret shared.key Cheers, Mathias. ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
