Tunneling in Ubuntu
Ian Coetzee
ubuntu at iancoetzee.za.net
Wed Feb 10 09:48:48 UTC 2010
On Wed, Feb 10, 2010 at 8:48 AM, Nazeem نجم لدين <nazeemnss at gmail.com> wrote:
> hi,
>
> I tried the openvpn idea. I was able to setp openvpn on both server and
> client side. But I was neither able to ping to the other subnet nor send
> ip-multicast.
>
> I followed https://help.ubuntu.com/community/OpenVPN for the setup
>
>
> The output of route -n on server:
>
> ernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 10.129.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br0
> 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 br0
> 0.0.0.0 10.129.1.250 0.0.0.0 UG 100 0 0 br0
>
> So I think the route for the packets is the bridge.
>
> Can you please tell me what I am missing. I did not use 2 NIC's on either
> client or server. Do I have to use them?
Hi Nazeem
Can you pastebin your server and client configs, with all the comments removed?
Did you forward the relevant ports on your routers?
Can you see that their is an established openvpn connection?
Can you ping the OpenVPN server from the client and vise-versa?
Regards
Ian
>
>
> Nazeem
>
>
> On Thu, Feb 4, 2010 at 6:57 AM, NoOp <glgxg at sbcglobal.net> wrote:
>>
>> On 02/03/2010 02:21 PM, Smoot Carl-Mitchell wrote:
>> > On Wed, 2010-02-03 at 22:40 +0100, Werner Schram wrote:
>> >>
>> >> On Wed, Feb 3, 2010 at 7:02 AM, Nazeem نجم لدين <nazeemnss at gmail.com>
>> >> wrote:
>> >> >
>> >> > hi,
>> >> > Can you suggest way of getting a multicast tunnel work. The
>> >> > assumption is
>> >> > that there is a unicast cloud in between two mbone networks. So we
>> >> > need to
>> >> > forward the multicast traffic over the unicast tunnel. Application is
>> >> > for
>> >> > video transmission.
>> >> > -Nazeem
>> >> >
>> >>
>> >> I think you should be able to do it with openvpn. Using the tap setup,
>> >> you can create a OSI layer 2 tunnel, which should be able to handle
>> >> ip-multicast. You then need to update the routing tables in both
>> >> networks to send multicast traffic to the tunnel in stead of the
>> >> router.
>> >> If you fully thrust the connection between the two networks, you could
>> >> disable openvpn's encryption for better performance.
>> >
>> > You can also do this with SSH which I find simpler than openvpn to
>> > configure (although I have done both). Check out the -w argument to SSH
>> > and the 'Tunnel' configuration parameter. Tunnel lets you do either
>> > layer 3 (point-to-point) or layer 2 (ethernet). You do incur the
>> > encryption overhead, but I would not run a VPN connection over the
>> > Internet unencrypted.
>> >
>> >
>>
>> Or, buy and use routers on each end that do the vpn encryption in
>> hardware. I typically avoid software vpn solutions (except for roaming
>> clients) for commercial/semi-commercial/private vpn networks. In the
>> past I've used (and still do) Linksys/Cisco BEFVP41 routers on each end.
>>
>> I'm sure that there are now more modern models that can do this as well,
>> but the BEFVP41's (model 2/2.1) have been quite trustworthy. Setup is
>> simple, the encryption takes place in the hardware so it's fast and
>> doesn't require client software on each side of a direct connect, and
>> both sides can be set up to autoconnect & use keepalive to stay up even
>> with non-static ip addresses (I use dyndns.org for my non-commercial dsl
>> connections).
>>
>>
>>
>>
>> --
>> ubuntu-users mailing list
>> ubuntu-users at lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
>
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
>
More information about the ubuntu-users
mailing list