Tunneling in Ubuntu
Nazeem نجم لدين
nazeemnss at gmail.com
Wed Feb 10 06:48:18 UTC 2010
I tried the openvpn idea. I was able to setp openvpn on both server and
client side. But I was neither able to ping to the other subnet nor send
I followed https://help.ubuntu.com/community/OpenVPN for the setup
The output of route -n on server:
ernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
10.129.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 br0
0.0.0.0 10.129.1.250 0.0.0.0 UG 100 0 0 br0
So I think the route for the packets is the bridge.
Can you please tell me what I am missing. I did not use 2 NIC's on either
client or server. Do I have to use them?
On Thu, Feb 4, 2010 at 6:57 AM, NoOp <glgxg at sbcglobal.net> wrote:
> On 02/03/2010 02:21 PM, Smoot Carl-Mitchell wrote:
> > On Wed, 2010-02-03 at 22:40 +0100, Werner Schram wrote:
> >> On Wed, Feb 3, 2010 at 7:02 AM, Nazeem نجم لدين <nazeemnss at gmail.com>
> >> >
> >> > hi,
> >> > Can you suggest way of getting a multicast tunnel work. The assumption
> >> > that there is a unicast cloud in between two mbone networks. So we
> need to
> >> > forward the multicast traffic over the unicast tunnel. Application is
> >> > video transmission.
> >> > -Nazeem
> >> >
> >> I think you should be able to do it with openvpn. Using the tap setup,
> >> you can create a OSI layer 2 tunnel, which should be able to handle
> >> ip-multicast. You then need to update the routing tables in both
> >> networks to send multicast traffic to the tunnel in stead of the router.
> >> If you fully thrust the connection between the two networks, you could
> >> disable openvpn's encryption for better performance.
> > You can also do this with SSH which I find simpler than openvpn to
> > configure (although I have done both). Check out the -w argument to SSH
> > and the 'Tunnel' configuration parameter. Tunnel lets you do either
> > layer 3 (point-to-point) or layer 2 (ethernet). You do incur the
> > encryption overhead, but I would not run a VPN connection over the
> > Internet unencrypted.
> Or, buy and use routers on each end that do the vpn encryption in
> hardware. I typically avoid software vpn solutions (except for roaming
> clients) for commercial/semi-commercial/private vpn networks. In the
> past I've used (and still do) Linksys/Cisco BEFVP41 routers on each end.
> I'm sure that there are now more modern models that can do this as well,
> but the BEFVP41's (model 2/2.1) have been quite trustworthy. Setup is
> simple, the encryption takes place in the hardware so it's fast and
> doesn't require client software on each side of a direct connect, and
> both sides can be set up to autoconnect & use keepalive to stay up even
> with non-static ip addresses (I use dyndns.org for my non-commercial dsl
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ubuntu-users