On Wed, 2017-03-22 at 13:41 +0000, colin helliwell ln-systems com wrote:
We have an embedded system that we're working through getting NetworkManager set up on. There's a mode of operation we'd like to explore, and I'm wondering if NM has such capabilities 'built-in': Imagine two units - both have Ethernet and are on the same LAN subnet; internet connectivity for them is NAT'd via a ADSL router/modem or such-like, using the Ethernet. But Unit A also has a GSM modem, and if the ADSL goes down then it can switch over to use GSM for Internet. What we'd like is, if the ADSL goes down, that Unit B can open 'some sort of tunnel' to Unit A and have its traffic 'bridged in some way' to Unit A and then to/from the internet via Unit A's GSM connection. It would want to be secure i.e. only Unit B could use Unit A, not anyone on the LAN. I use the words 'relay'/'tunnel'/'bridged' in a *generic* sense, as they often imply specific mechanisms. Is this something that NM can provide and manage...? Thanks
Hi, For one there is "ipv4.method=shared" to use IPv4-NAT and "ipv6.method=shared" for IPv6 prefix delegation. But that doesn't sound like a good fit in your scenario. Maybe setup a tunnel between Unit A and B. That may be a VPN, some kind of IP tunnel [1] or maybe MACSec [2]. All this is supported by NM, MACSec sounds most interesting to me. (note that IP tunnels and MACSec are a recent feature, you may not have it in your version). And then setup IP routing accordingly accros the tunnel. best, Thomas [1] https://developer.gnome.org/NetworkManager/stable/nm-settings.html#id-1.2.6.4.17 [2] https://developer.gnome.org/NetworkManager/stable/nm-settings.html#id-1.2.6.4.18
Attachment:
signature.asc
Description: This is a digitally signed message part