So having a bunch of success with PF_RING, I decided to check out some of's other creations. One I came across that I had a use for was N2N. Basically you have a supernode daemon, and you create tunnels to it from your edge nodes. But the setup is about as simple as it can really be.  

Pretty much exactly what the manual says…

First, setup your supernode (relay for lack of a better phrase):

supernode -l 9939


Then all you need for an edge node is:

edge -a -c some_community -k some_key -l <supernode_ip>:9939


Next edge node:

edge -a -c some_community -k some_key -l <supernode_ip>:9939


Then from either node, you should be able to reach the other.

 [root@core ~]# ping
 PING ( 56(84) bytes of data.
 64 bytes from icmp_seq=1 ttl=64 time=0.073 ms
 64 bytes from icmp_seq=2 ttl=64 time=0.070 ms
 64 bytes from icmp_seq=3 ttl=64 time=0.063 ms
 --- ping statistics ---
 3 packets transmitted, 3 received, 0% packet loss, time 2496ms
 rtt min/avg/max/mdev = 0.063/0.068/0.073/0.010 ms
 [root@core ~]# 


That is it. Seriously. Now if you want it to persist, you need to make an init script for supernode, and edge. I am also not a huge fan of it having the key sitting there visible in the process list on the edge servers.

 [root@core ~]# ps aux | grep edge
 root      2367  0.0  0.1   3644   724 ?        Ss   Aug30   0:33 edge -a -c HOME -k superkey -l
 root     22730  0.0  0.1   4200   728 pts/0    S+   20:04   0:00 grep edge
 [root@core ~]# 


That is kind of blatant to just leave laying around. In this fashion it pretty much screams its key in the process list. So I would use a shell script or something to wrap it, so its a little less obvious.