[rbak-nsp] redback-nsp Digest, Vol 24, Issue 2

Ian Calderbank ian at calderbankconsulting.co.uk
Mon Dec 7 07:45:49 EST 2009


presumably there is some kind of server for the walled garden? running the 
"your service is down" webpage?
you don't need public DNS right, you just need the answer to always be "the 
WG server"?

=>default route to the walled garden server, run DNS server on it 
promiscuously, dns answer is always its own IP?

regarding NAT, I tested it in release 5 some time ago for a customer of 
mine, it was shockingly useless. I don't know if its been improved in 
release 6, so caveat emptor :-(.

cheers
Ian

----- Original Message ----- 
From: <redback-nsp-request at puck.nether.net>
To: <redback-nsp at puck.nether.net>
Sent: Saturday, December 05, 2009 5:00 PM
Subject: redback-nsp Digest, Vol 24, Issue 2


> Send redback-nsp mailing list submissions to
> redback-nsp at puck.nether.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://puck.nether.net/mailman/listinfo/redback-nsp
> or, via email, send a message with subject or body 'help' to
> redback-nsp-request at puck.nether.net
>
> You can reach the person managing the list at
> redback-nsp-owner at puck.nether.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of redback-nsp digest..."
>
>
> Today's Topics:
>
>   1. Some cleverness needed (David Freedman)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 04 Dec 2009 18:17:05 +0000
> From: David Freedman <david.freedman at uk.clara.net>
> To: redback-nsp at puck.nether.net
> Subject: [rbak-nsp] Some cleverness needed
> Message-ID: <4B195221.90802 at uk.clara.net>
> Content-Type: text/plain; charset=ISO-8859-1
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I've a context acting as LAC for a customer and I would like to "walled
> garden" (http redirect) their end-users when the customer's network fails.
>
> Since the context only contains routes for their LNS endpoints, I will
> be terminating the users locally (through aaa authentication radius,
> none) and using HTTP redirect.
>
> The problem arises when the end-user's browser initiates a DNS request,
> if the customer's network is completely offline, I'll need to handle
> this as well.
>
> Can't find any reference to a DNS proxy in SEOS so my next best option
> is to NAT them somehow so they can access our public DNS servers,
> I wanted to do this intercontext and wanted to know the following:
>
> 1. Is NAT policy now possible on L2TP subscriber? (last I checked it was
> not)
>
> 2. Is intercontext NAT possible? (i.e to local context) despite lack of
> an intercontext interface? (was planning on doing an static intercontext
> route)
>
> 3. Any alternatives to this? can't place anything else in the network
> since it is dedicated.
>
> Thanks in advance,
>
> Dave.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAksZUiEACgkQtFWeqpgEZrLYsACgs/h7kC9l3lxJpo1aMtYoCbNS
> VhYAnA18ReDu971+xf7OzCqhz46LjhOn
> =jl0H
> -----END PGP SIGNATURE-----
>
>
> ------------------------------
>
> _______________________________________________
> redback-nsp mailing list
> redback-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/redback-nsp
>
>
> End of redback-nsp Digest, Vol 24, Issue 2
> ******************************************
> 



More information about the redback-nsp mailing list