DragonFly BSD
DragonFly users List (threaded) for 2011-02
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: Home stretch on new network - if_bridge looking better

From: Chris Turner <c.turner@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 24 Feb 2011 12:43:50 -0600

On 02/24/11 11:50, Matthew Dillon wrote:


So - reading over this - is it correct that the setup is roughly like:

- assign a local interface (lan0) to a network
- add this network to the bridge
- create openvpn 'bridged' mode tunnels
- add these to the bridge

so the L2 bridge / STP will 'map' according to the state of
the ethernet bridging, which in turn relates to the openvpn tunnel

Without diverging any security sensitive whatnot,
Is the VPN tunnel created to the ISP or to say, the colo space?
(I'd assume the latter)

Have been working on my own openvpn (routing mode) fun to a pair
of VPS's as well over the last few days so this is of interest :D

also - I note in the "bridge2.txt" file you 'cd /usr/pkg/etc/openvpn'
before running - is this so openvpn can find the config files?

if so - to note, you can add a 'cd /path/to/configdir' within the
config files..

also - assuming you have statics on both end of the tunnels -
why did you choose openvpn ethernet bridging over say IP layer + ipsec?
(or even openvpn 'routing' mode) with something like OSPF or similar

and - do you have hw crypto cards on either endpoint?

(my soekris 486 gets a little bogged down by the crypto, which is why I ask)

ok enough questions ;)

its definitely fun trying to convert consumer internet into a 'real connection' :D

- Chris

(from a gigabit LAN piggybacked on a sometimes 56k wifi link)

[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]