Subject: Re: tap(4) + bridge(4) + OpenVPN advice sought
To: Sean Davis <dive@endersgame.net>
From: Christos Zoulas <christos@zoulas.com>
List: tech-net
Date: 07/11/2005 00:18:33
On Jul 11, 12:02am, dive@endersgame.net (Sean Davis) wrote:
-- Subject: Re: tap(4) + bridge(4) + OpenVPN advice sought

| On Mon, Jul 11, 2005 at 05:44:16AM +0300, Christos Zoulas wrote:
| > In article <20050711010159.GA21613@endersgame.net>,
| > Sean Davis  <dive-nb@endersgame.net> wrote:
| > >I've got a server hosted in the datacenter at which I work, and I would like
| > >to bridge it (over an encrypted vpn, of course), into my home LAN. At the
| > >moment, my main thought is to use OpenVPN, bridge(4) and tap(4), but I've
| > >never done this before, so I'm looking for suggestions. The server at home
| > >that will be running the home side of the bridge is running NetBSD 3.99.7,
| > >and the server at work is running Debian 3.1.
| > >
| > >If anyone has done this before and wants to offer some pointers, I would
| > >greatly appreciate it.
| >
| > I just use ipsec with racoon.
| 
| Won't I still need a tap(4) & bridge(4) to make the Linux host appear on the
| home (NetBSD) LAN?
| 
| Basically, I have:
| 
| Linux host @ hosting provider: 64.34.xx.xx
| 
| Home LAN: 192.168.1.xx
| 
| I'd like to make the Linux box appear as, say, 192.168.1.99, to machines in
| the home LAN. Only way I'm currently aware of to do this is bridge(4), which
| would require tap(4) in order to bridge to a remote host. The ipsec could go
| between the tap on the NetBSD side and the tap on the Linux side, I suppose.
| 
| I was more looking for examples... I know it can be done, but I was hoping
| someone would point out how it has been done :-)

You can either map that address with ipfilter to 192.168.1.99 or create
an interface in the reserved space on the Linux host and add routes to it.

christos