> But... I don't think that OpenVPN is the right approach as it is not > peer-to-peer solution.
I agree that this is not the optimal solution, especially for large/high bandwith setups. I was just looking for something that I could get going with what I have today. My ideal setup would be a central arbiter that hands out routing and encryption info each for each p2p connection that is desired, but I don't know of anything that does this currently. > If your hypervisor uses a tap interface, you can just have openvpn use that tap interface "right away". I guess I need to read up a bit more on how tap interfaces work. I guess I assumed that the hypervisor was controlling that, so there wouldn't be room for openvpn to jump on it. But assuming it is as you say, that seems very promising, and much easier to get going than I though. I think I'm going to try this out here in the next few days, and see how easily I can get something setup. If I have luck I'll put up a blog post about it. Thanks for the input, Tom
