Re: tun0 quesiton (_possibly_ openvpn related)

To: regional-london%netbsd.org@localhost
Subject: Re: tun0 quesiton (_possibly_ openvpn related)
From: David Sheryn <dhs%chromiq.org@localhost>
Date: Wed, 7 Jul 2010 17:49:44 +0100 (BST)

Following up to myself, can anybody help me with the syntax for the route
command when using an interface ?  The man page's:

---8<-----
If the destination is directly reachable via an interface requiring no
intermediary system to act as a gateway, the -interface modifier should
be specified; the gateway given is the address of this host on the common
network, indicating the interface to be used for transmission.
---8<-----

isn't terribly helpful ( to me :-( )  If I want to use tun0 as the route
for the 192.168.0.0/24 network, could somebody help with the format of the
magic runes ?

Ta.

/DHS


On Tue, 6 Jul 2010, David wrote:

>
> I have a (to me) strange problem, which I _think_ I've reduced to a tun0
> interface question...
>
> I need to setup an emrgency VPN tunnel (when isn't it an emergency... ;-)
> on a couple of sparc64 boxes running netbsd-4-0.  I've installed openvpn,
> which has *SUCCESFULLY* brought up at tunnel between the two endpoints,
> and I can ping the *opposite* end of the link from each end, run TCP
> sessions across it, etc..
>
> The problem I have is getting traffic from other hosts on the local VLANs
> to transit the VPN tunnel, and YES, I have created all manner of routes to
> point at the opposite end.  While doing this, however, I spotted one
> oddity, which is where I _think_ that my problem lies.
>
> While the "client" (in openvpn terminology) end of the link can ping both
> of the tun interfaces created by openvpn, the "server" end can only ping
> the _remote_ end. I suspect that this means the the IP address "server" of
> the server tun device doesn't appear in the routing table, and therefore
> never becomes available to route traffic.
>
> Any suggestions, comments, help, etc. gratefully received ;-)
>
>
>                                     VPN
>
>                   +--------+   172.16.0.0/30  +--------+
> 192.168.0.0/24 ---+ client +------------------+ server +--- 10.239.1.0/24
>                   +--------+ .2            .1 +--------+
>
>
> Thanks,
>
>

-- 
David Sheryn    <david%chromiq.org@localhost>

"The most exciting phrase to hear in science, the one that heralds new
 discoveries, is not 'Eureka!' but 'That's funny....'" -- Isaac Asimov

References:
- tun0 quesiton (_possibly_ openvpn related)
  - From: David

Prev by Date: Re: tun0 quesiton (_possibly_ openvpn related)
Next by Date: Machines available
Previous by Thread: Re: tun0 quesiton (_possibly_ openvpn related)
Next by Thread: Machines available
Indexes:

Home | Main Index | Thread Index | Old Index