Hello,
> for client-to-server traffic this looks correct ;
> client-to-client traffic is another matter.
Yes, that i knew, --client-to-client is internal to OpenVPN.
I found this out when i was testing throughput in a client to
client setup on pfSense some time ago and then finding
the backreference article.
>> This looks correct to me. You can actually think of "OpenVPN" and the
>> tun/tap device as one entity. A tun/tap adapter may only be used by a
>> single process. OpenVPN have a file descriptor to its tun/tap adapter
>> which it reads from and writes to. That data is sent to the kernel's
>> networking stack. This might be clearer if you consider the server or
>> client having more eth devices, or consider how --redirect-gateway would
>> interact.
Thanks for the added info, appreciated.
>> And of course, the mysterious and well hidden packet filter in OpenVPN
>> is also somewhere after the decompression and before the compression.
Not that i will ever need it or will have the knowledge to build a module
for the internal pf, i know just about nothing about code but just curious,
this only applies for bridge it seems?
So i guess we can say that the diagramm is useable for visualizing packet flow.
Off course it`s free to use.
Thanks again,
Pippin
Sent with [ProtonMail](https://protonmail.com) Secure Email.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
