Subject: Re: tap(4) + bridge(4) + OpenVPN advice sought
To: Sean Davis <firstname.lastname@example.org>
From: Christos Zoulas <email@example.com>
Date: 07/11/2005 00:18:33
On Jul 11, 12:02am, firstname.lastname@example.org (Sean Davis) wrote:
-- Subject: Re: tap(4) + bridge(4) + OpenVPN advice sought
| On Mon, Jul 11, 2005 at 05:44:16AM +0300, Christos Zoulas wrote:
| > In article <20050711010159.GA21613@endersgame.net>,
| > Sean Davis <email@example.com> wrote:
| > >-=3D-=3D-=3D-=3D-=3D-
| > >
| > >I've got a server hosted in the datacenter at which I work, and I would =
| > >to bridge it (over an encrypted vpn, of course), into my home LAN. At the
| > >moment, my main thought is to use OpenVPN, bridge(4) and tap(4), but I've
| > >never done this before, so I'm looking for suggestions. The server at ho=
| > >that will be running the home side of the bridge is running NetBSD 3.99.=
| > >and the server at work is running Debian 3.1.
| > >
| > >If anyone has done this before and wants to offer some pointers, I would
| > >greatly appreciate it.
| > I just use ipsec with racoon.
| Won't I still need a tap(4) & bridge(4) to make the Linux host appear on the
| home (NetBSD) LAN?
| Basically, I have:
| Linux host @ hosting provider: 64.34.xx.xx
| Home LAN: 192.168.1.xx
| I'd like to make the Linux box appear as, say, 192.168.1.99, to machines in
| the home LAN. Only way I'm currently aware of to do this is bridge(4), which
| would require tap(4) in order to bridge to a remote host. The ipsec could go
| between the tap on the NetBSD side and the tap on the Linux side, I suppose.
| I was more looking for examples... I know it can be done, but I was hoping
| someone would point out how it has been done :-)
You can either map that address with ipfilter to 192.168.1.99 or create
an interface in the reserved space on the linux host and add routes to it.