On Fri, 28 Feb 2014 12:41:16 -0800
"Paul B. Henson" <hen...@acm.org> wrote:
> I'm currently setting up an L2TP VPN with npppd. I've got the VPN piece
> working, and can send packets between the client and the OpenBSD box
> running the VPN. However, I'm currently using ospfd for routing between
> the rest of the network and the OpenBSD box, and it doesn't seem to be
> pushing routes for the IP addresses in use by the clients.

I'm not sure whether it works.  Can you try it with a static route?

Also, if there is a network behind the VPN, you can assign a static IP
address and netmask instead of assigning a /32 dynamic address.  See
npppd-users(5) and use framed-ip-address and framed-ip-netmask.

> So, after a couple VPN clients connect, there are pppx interfaces:
> 
> pppx0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1360
>         description: henson
>         priority: 0
>         groups: pppx
>         inet 10.128.120.1 --> 10.128.120.82 netmask 0xffffffff
> 
> pppx1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1360
>         description: henson
>         priority: 0
>         groups: pppx
>         inet 10.128.120.1 --> 10.128.120.121 netmask 0xffffffff
> 
> and the local routing tables know how to get to them:
> 
> Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
> 10.128.120.82      10.128.120.1       UH         0       10     -     4 pppx0
> 10.128.120.121     10.128.120.1       UH         0       63     -     4 pppx1
> 
> ospfd seems to know *something* about the /24 I've allocated to the VPN:

npppd sets up the routes for configured pool addresses to reserve them.
I think this is the reason why ospfd seems to know something.

But

> flags: * = valid, O = OSPF, C = Connected, S = Static
> Flags  Prio Destination          Nexthop          
> *C        4 10.128.110.0/24      link#7
>           4 10.128.120.43/32     10.128.120.1
>           4 10.128.120.45/32     10.128.120.1
>           4 10.128.120.82/32     10.128.120.1

many /32 routes show something is wrong.

--yasuoka
