Bent's Wiki

User Tools

Site Tools

Trace:
alternative_access

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
alternative_access [2026/05/16 15:43] – [Rationale] Added the HE solution as option 2 bentalternative_access [2026/05/16 16:05] (current) – [Rationale] bent
Line 12: Line 12:
     - We could establish a tunnel between our sites which could make it possible to access our own servers by connecting to the other's LAN using special addresses. The 'other' LAN could then route the connection back through the tunnel to the desired destination. Of course this scheme would break down if both sites lost their fiber connection simultaneously.     - We could establish a tunnel between our sites which could make it possible to access our own servers by connecting to the other's LAN using special addresses. The 'other' LAN could then route the connection back through the tunnel to the desired destination. Of course this scheme would break down if both sites lost their fiber connection simultaneously.
     -   We could have a publicly accessible server somewhere in the Internet which each of us could make tunnels to and hence obtain the same advantages as above plus the possibility to still have access if e.g. my fiber went down **and** Steve was offline for whatever reason     -   We could have a publicly accessible server somewhere in the Internet which each of us could make tunnels to and hence obtain the same advantages as above plus the possibility to still have access if e.g. my fiber went down **and** Steve was offline for whatever reason
-We have chosen to follow the second option outlined above and this note describes how this alternative Internet access way is constructed.+We have chosen to follow the second option outlined above and this note describes how this alternative Internet access way is implemented.
  
 ===== Physical Inplementation ===== ===== Physical Inplementation =====
Line 27: Line 27:
 ===== Routing ===== ===== Routing =====
  
-Once decided to have two routers on the LAN you have to use a routing protocol in order to keep the routers updater on each other. The general routing protocol setup is described in [[setup:routing|Routing]]+Once decided to have two routers on the LAN you have to use a routing protocol in order to keep the routers updated on each other. The general routing protocol setup is described in [[setup:routing|Routing]]
  
-We have decided to solely use IPv6 for this function. Each of us have delegated a /64 sub-domain of our IPv6 allocation to the other. We have also set up routing tables so that connection requests to this sub-domain are routed through the tunnel back to the other+We have decided to solely use IPv6 for this function. We have a host running at [[https://www.vultr.com/|Vultr]]. Steve has arranged for an IPv6 tunnel from [[https://tunnelbroker.net/|Hurricane Electric]] to our server at Vultr. This tunnel has a /48 IPv6 allocation. 
 + 
 +Each of us arranges a tunnel to Vultr and this tunnel gets a /56 sub-allocation. We have also set up routing tables so that connection requests to our sub-domain are routed through the tunnel to the proper site
  
 The details of the sub-allocation and the routing is described in [[Alternate address|Alternate routed address space]] The details of the sub-allocation and the routing is described in [[Alternate address|Alternate routed address space]]
Line 35: Line 37:
 ===== DNS considerations ===== ===== DNS considerations =====
  
-Connecting back to our servers through the tunnel does not require actions beyond what is described above. If, however, it should be necessary to use the sub-delegated addresses as source address for sending mail, further action is required.+Connecting to our servers through the tunnels does not require actions beyond what is described above. If, however, it should be necessary to use the sub-delegated addresses as source address for sending mail, further action is required.
  
 In order to have our sent email properly accepted by foreign mail server it is necessary to provide reverse name lookup for the mail servers. For practical reasons we decided to delegate the administration of the delegated sub-domain to the one that uses it. Details of the name space delegation is described in [[cross-allocation|IPv6 Cross allocation]] In order to have our sent email properly accepted by foreign mail server it is necessary to provide reverse name lookup for the mail servers. For practical reasons we decided to delegate the administration of the delegated sub-domain to the one that uses it. Details of the name space delegation is described in [[cross-allocation|IPv6 Cross allocation]]
  
alternative_access.1778946219.txt.gz · Last modified: by bent