11-16 MAX 6000/3000 Network Configuration Guide
Setting Up Virtual Private Networks
Configuring ATMP tunnels
Limiting the maximum number of tunnels
If you decide to limit the maximum number of tunnels a gateway will support, you should
consider the expected traffic per mobile-client connection, the bandwidth of the connection to
the home network, and the availability of alternative Home Agents (if any). For example, the
lower the amount of traffic generated by each mobile-client connection, the more tunnels a
gateway connection will be able to handle.
Enabling RIP on the interface to the home router
The router at the far end of the gateway profile must be able to route back to mobile clients.
The easiest way to accomplish this is by setting the ATMP RIP parameter to Send-v2. With this
setting, the Gateway Home Agent constructs a RIP-v2 Response(2) packet at every RIP
interval and sends it to the home network from all tunnels using the gateway profile. For each
tunnel, the Response packet contains the mobile client IP address, and subnet mask, and
indicates that the next hop is 0.0.0.0, and the metric is 1. RIP-v2 authentication and route tags
are not supported.
Note: The home network router should not send RIP updates, because the Home Agent does
not inspect them. The RIP updates would be forwarded to the mobile clients instead.
If you set ATMP RIP to Off, the administrator of the home network must configure a static
route to each mobile client. A static route to a mobile client can be specific to the client,
whereby the routes destination is the mobile client IP address and the next-hop router is the
Home Agent address. For example, in the following route the mobile client is a router (this is
not a host route), and the Home Agent address is 2.2.2.2:
Dest=110.1.1.10/29
Gateway=2.2.2.2
Or, if the mobile clients have addresses allocated from the same address block (including
router mobile client addresses with subnet masks of less than 32 bits) and no addresses from
that block are assigned to other hosts, the home network administrator can specify a single
static route that encompass all mobile clients that use the same Home Agent. For example, in
the following route all mobile clients are allocated addresses from the 10.4.N.N block (and no
other hosts are allocated addresses from that block), and the Home Agent address is 2.2.2.2:
Dest=10.4.0.0/16
Gateway=2.2.2.2
Gateway-mode parameters
Configuring a Home Agent in gateway mode involves the following parameters (shown with
sample settings):
Ethernet
Mod Config
IPX Routing=Yes
Ether options...
IP Adrs=10.1.2.3/24
IPX Frame=802.2
IPX Enet #=00000000
ATMP options...
ATMP Mode=Home