Am 01.08.2009 um 17:24 schrieb Julian Elischer:
Stefan Bethke wrote:
(Moving the discussion to -ports.)
Am 31.07.2009 um 00:57 schrieb Matthias Andree:
Am 31.07.2009, 00:36 Uhr, schrieb Bjoern A. Zeeb <bzeeb-li...@lists.zabbadoz.net
>:
Yeah that is as great as we are or rather were.
So really, fix the openvpn scripts that assign the address to
interfaces to do something that would make sense from the ``man
ip''
(not the literal command) point of view. Just that it's "working"
somewhere or used to work elswhere neither means that it was
correct
nor made sense at any time before.
It's actually in the C code where it was advertised as FreeBSD fix.
OpenVPN runs in 'topology subnet' mode here, which is documented
as follows:
Use a subnet rather than a point-to-point topology by
configuring the tun interface with a local IP address and
subnet
mask, similar to the topology used in --dev tap and
ethernet
bridging mode. This mode allocates a single IP address per
con-
necting client [... MS-Windows stuff here ...]
When used on *nix, requires that the
tun driver supports an ifconfig(8) command which sets a
subnet
instead of a remote endpoint IP address.
I wonder if TUNSIFMODE (see tun(4)) is somehow needed and if so,
already done, and how the proper ifconfig call would look like in
this case. Stefan already uttered some ideas in that direction.
Here's a first draft at a patch for OpenVPN. With this, the tun
interface gets set to IFF_BROADCAST mode. One small piece is still
missing: OpenVPN tries to install a route for the subnet, but that
fails because now ifconfig has already inserted that route. I'll
try to look into that a bit later on. I also haven't tested the
server side yet, or any other mode.
I would have thought that the correct answer would be to set a
different address for the remote end..
it is a p2p link so to make it look like an ethernet is a bit weird.
Windows does not have p2p interfaces, so OpenVPN offers a "virtual
ethernet" configuration where the OpenVPN server process routes
packets between various clients inside this subnet. Looking from the
outside, this --topology subnet mode is not a point to point link, but
rather a broadcast network, and even before, OpenVPN installed a
network route going over the p2p tun interface. This change aligns
the configuration with the actual model OpenVPN uses.
Other --topology modes continue to use p2p mode, and the interface is
configured with the server's address.
Stefan
--
Stefan Bethke <s...@lassitu.de> Fon +49 151 14070811
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
