Not really, as at the moment, the ipip code just isn't suitable for use by an
ISP in this fashion, because it's not transparent enough. If it was, I
wouldn't be working on it :)
> How much overhead are we going to add if we have the system look at each
> packet to determine if it is an encapsulated packet, dis-assemble it, and
> recursively go into that packets data to see where it's going???
Not a lot. Only packets going out through the tunnel device(s) need to be
checked, and almost all packets will fall through the first
if (iph->protocol == IP_PROTO_IPIP)
IPIP-in-IPIP packets will then have to check whether the address is local,
which I believe is a single route lookup, followed by checking for RTF_LOCAL
unless anyone tells me a quicker way. So it's a single compare, followed by a
route lookup and two compares for each level of IPIP-in-IPIP-in-IPIP-...
-- David Woodhouse, CB3 9AN http://dwmw2.robinson.cam.ac.uk/ dwmw2@cam.ac.uk Tel: 0976 658355 D.W.Woodhouse@nortel.co.uk Tel: 01279 402332