DragonFly users List (threaded) for 2011-02
Re: Home stretch on new network - if_bridge looking better
On 02/24/11 11:50, Matthew Dillon wrote:
So - reading over this - is it correct that the setup is roughly like:
- assign a local interface (lan0) to a network
- add this network to the bridge
- create openvpn 'bridged' mode tunnels
- add these to the bridge
so the L2 bridge / STP will 'map' according to the state of
the ethernet bridging, which in turn relates to the openvpn tunnel
Without diverging any security sensitive whatnot,
Is the VPN tunnel created to the ISP or to say, the colo space?
(I'd assume the latter)
Have been working on my own openvpn (routing mode) fun to a pair
of VPS's as well over the last few days so this is of interest :D
also - I note in the "bridge2.txt" file you 'cd /usr/pkg/etc/openvpn'
before running - is this so openvpn can find the config files?
if so - to note, you can add a 'cd /path/to/configdir' within the
also - assuming you have statics on both end of the tunnels -
why did you choose openvpn ethernet bridging over say IP layer + ipsec?
(or even openvpn 'routing' mode) with something like OSPF or similar
and - do you have hw crypto cards on either endpoint?
(my soekris 486 gets a little bogged down by the crypto, which is why I ask)
ok enough questions ;)
its definitely fun trying to convert consumer internet into a 'real
(from a gigabit LAN piggybacked on a sometimes 56k wifi link)