NetBSD-Users archive


Re: bridge with tap - trying to set up openvpn server



> On Mon, Apr 04, 2011 at 08:20:27AM -0400, yancm%sdf.lonestar.org@localhost wrote:
>> I'm running on i386, NetBSD 5_Stable branch.
>>
>> I'm trying to set up an openvpn server on my home network
>> (<10 vpn devices).
>>
>> I am wanting to use bridged mode because I want the vpn
>> connections to see the internal network resources.
>>
>> My internal network was 192.168.1.0/24 (main server/gateway/
>> NAT/DHCP/firewall/DNS is on 192.168.1.1).
>>
>> I have recompiled the kernel with bridging support.
>>
>> The internal interface, wm1, was specified with 192.168.1.1
>> netmask 255.255.255.0.
>>
>> To allow some of this subnet for the tap0 interface, I changed
>> the wm1 netmask to 255.255.255.128. I set up the tap0 interface
>> to 192.168.1.193 netmask 255.255.255.192.
>>
>> With this setup the internal network operates fine before I try
>> to turn on bridging.
>
> If you use bridging, you have the same netmask everywhere.
> So wm1 says as 192.168.1.1/24, tap0 doesn't have an interface
> (as its packets will be bridged to wm1).

I apologize, but I do not understand what you are saying apparently...

Here's what I have tried ...

First, I think you are saying my wm1 should keep a netmask of
255.255.255.0 so that wm1 sees the full /24 subnet. Easy enough -
I reset that subnet mask. And tap0 should have the same netmask.
As soon as I added wm1 to the bridge0, I lose wm1 and local network.

Second, I re-read "tap0 doesn't have an interface"? Do you mean
tap0 doesn't have an address? It is an interface?? (if only
virtual by definition)... I destroyed tap0...but it has to exist
to add it to the bridge. I create tap0 again without an address:
# ifconfig tap0
tap0: flags=8902<BROADCAST,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        address: f2:0b:a4:fd:9f:04
        media: Ethernet autoselect

But I get the same result: if I add wm1 to bridge0, I lose wm1
connectivity.

Even if I do not have tap0 in bridge0, if I add wm1 to bridge0,
I lose wm1 connectivity.

If I just use the following command, should it kill wm1?:
brconfig bridge0 add wm1

Before I do this, ifconfig wm1 and bridge0 gives:
wm1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 00:1b:21:95:00:1a
        media: Ethernet autoselect (1000baseT)
        status: active
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
bridge0: flags=41<UP,RUNNING> mtu 1500


Is there a better description of what brconfig and bridging does?
I've looked at the man pages...it just seems a bit too sparse?

Are there any more illustrative examples? Maybe someone has set up
openvpn?



