On Wed, 17 Apr 2019 15:29:50 +0200 Kevin DAGNEAUX <kevin.dagne...@fiitelcom.fr> wrote:
> > Le 17/04/2019 à 14:15, Celejar a écrit : > > On Wed, 17 Apr 2019 08:37:20 +0200 > > Kevin DAGNEAUX <kevin.dagne...@fiitelcom.fr> wrote: > > > >>> Hi, > >>> > >>> I've been bedeviled by this question for a while, but have been unable > >>> to figure out a clean, non-hackish solution. It may be an XY problem ... > >>> > >>> I have a system (laptop, running Debian) that is sometimes connected > >>> directly to my LAN, and sometimes connected via VPN (wireguard, to the > >>> local router, running OpenWrt). The LAN is 192.168.0.0/24, with the > >>> laptop having a fixed, static address in that range (although I'm > >>> certainly open to using DHCP, possibly with a fixed address > >>> reservation). The VPN is 10.0.0.0/24, with the laptop getting a fixed, > >>> static address in that range (and wireguard apparently doesn't work > >>> with dhcp). > >>> > >>> I currently have an entry in /etc/hosts on the various LAN hosts > >>> assigning a hostname to the laptop's fixed local address, and the LAN > >>> hosts can access the laptop via that hostname. [I could alternatively > >>> use dnsmasq, which is running on the router regardless.] This obviously > >>> doesn't work when the laptop is connected via VPN. [The laptop can > >>> access the LAN hosts fine via their hostnames, so I seem to have the > >>> routing correctly configured on the laptop and the router.] > >>> > >>> What I seem to want (but maybe XY?) is some way to adjust the host > >>> files (or dnsmasq's information) so that the hostname will resolve to > >>> the LAN address when the laptop is connected to the LAN, and the VPN > >>> address when it's connected via VPN. If everything was using DHCP, this > >>> would be straightforward enough, but as I said, the VPN apparently > >>> needs to be configured statically, and not via DHCP. I could obviously > >>> use some custom script (using, say, ageas, to modify host files) but > >>> this seems hackish. What is a standard, 'correct' way to do this, or > >>> more generally, to enable the LAN hosts to access the laptop > >>> seamlessly regardless of its IP address and connection type? > >>> > >>> Celejar > >>> > >> Hi, > >> > >> A possible solution is to use a bridged VPN, in this case, your laptop > >> will always have the same IP. > > Thanks. I can't seem to find much information about this - can you > > elaborate, or point me to a link? [I'm not a networking expert.] > > > > Currently, my LAN is 192.168.0.0/24, which is also the addressing > > scheme of some of the networks out of my control that I'm setting up a > > VPN link from. I deliberately used 10.0.0.0/24 for the VPN to avoid > > address collisions with these other networks. It did occur to me to > > consider using a different address space, for the VPN or perhaps for the > > whole home LAN, but I'd rather not take that step just to solve what > > seems a relatively simple problem unless absolutely necessary > > > > Celejar > > > Celjar, > > You can find some explaination at > https://openvpn.net/community-resources/ethernet-bridging/ Thanks. I'm trying to figure out whether Wireguard, and OpenWrt's implementation of it in particular, supports bridging. > Using common network adressing will often give address collisions when > using VPN (routed or bridged VPN), like if on your home network and > remote network you have 2 machin with same IP, one of them will not be > reachable (depending of your routing table). I think that this won't be much of an issue - when I'm on remote networks, there typically aren't any hosts on those networks that I need to access. Celejar
