Tunneling in Ubuntu
Nazeem نجم لدين
nazeemnss at gmail.com
Sat Feb 27 16:59:02 UTC 2010
hi,
I said in my previous mail that ip-multicast worked by setting up a tunnel.
I check this by sending multicast traffic using vlc using RTP for audio and
video on separate ports. But when I tried the UDP option in vlc, in which
both audio and video are transmitted through the same port, it did not work
(ip-multicast as not forwarded).
Can you please help me with this problem?
-Nazeem
2010/2/12 Nazeem نجم لدين <nazeemnss at gmail.com>
> Hi,
>
> I configured once again and now it works!
> The problem was that I had not copied the keys from server to the client.
> If there is any other problem, I shall inform you.
>
> Thanks,
> Nazeem
>
>
> 2010/2/10 Ian Coetzee <ubuntu at iancoetzee.za.net>
>
> On Wed, Feb 10, 2010 at 8:48 AM, Nazeem نجم لدين <nazeemnss at gmail.com>
>> wrote:
>> > hi,
>> >
>> > I tried the openvpn idea. I was able to setp openvpn on both server and
>> > client side. But I was neither able to ping to the other subnet nor send
>> > ip-multicast.
>> >
>> > I followed https://help.ubuntu.com/community/OpenVPN for the setup
>> >
>> >
>> > The output of route -n on server:
>> >
>> > ernel IP routing table
>> > Destination Gateway Genmask Flags Metric Ref Use
>> > Iface
>> > 10.129.0.0 0.0.0.0 255.255.0.0 U 0 0 0
>> br0
>> > 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0
>> br0
>> > 0.0.0.0 10.129.1.250 0.0.0.0 UG 100 0 0
>> br0
>> >
>> > So I think the route for the packets is the bridge.
>> >
>> > Can you please tell me what I am missing. I did not use 2 NIC's on
>> either
>> > client or server. Do I have to use them?
>>
>> Hi Nazeem
>>
>> Can you pastebin your server and client configs, with all the comments
>> removed?
>>
>> Did you forward the relevant ports on your routers?
>>
>> Can you see that their is an established openvpn connection?
>>
>> Can you ping the OpenVPN server from the client and vise-versa?
>>
>> Regards
>> Ian
>>
>> >
>> >
>> > Nazeem
>> >
>> >
>> > On Thu, Feb 4, 2010 at 6:57 AM, NoOp <glgxg at sbcglobal.net> wrote:
>> >>
>> >> On 02/03/2010 02:21 PM, Smoot Carl-Mitchell wrote:
>> >> > On Wed, 2010-02-03 at 22:40 +0100, Werner Schram wrote:
>> >> >>
>> >> >> On Wed, Feb 3, 2010 at 7:02 AM, Nazeem نجم لدين <
>> nazeemnss at gmail.com>
>> >> >> wrote:
>> >> >> >
>> >> >> > hi,
>> >> >> > Can you suggest way of getting a multicast tunnel work. The
>> >> >> > assumption is
>> >> >> > that there is a unicast cloud in between two mbone networks. So we
>> >> >> > need to
>> >> >> > forward the multicast traffic over the unicast tunnel. Application
>> is
>> >> >> > for
>> >> >> > video transmission.
>> >> >> > -Nazeem
>> >> >> >
>> >> >>
>> >> >> I think you should be able to do it with openvpn. Using the tap
>> setup,
>> >> >> you can create a OSI layer 2 tunnel, which should be able to handle
>> >> >> ip-multicast. You then need to update the routing tables in both
>> >> >> networks to send multicast traffic to the tunnel in stead of the
>> >> >> router.
>> >> >> If you fully thrust the connection between the two networks, you
>> could
>> >> >> disable openvpn's encryption for better performance.
>> >> >
>> >> > You can also do this with SSH which I find simpler than openvpn to
>> >> > configure (although I have done both). Check out the -w argument to
>> SSH
>> >> > and the 'Tunnel' configuration parameter. Tunnel lets you do either
>> >> > layer 3 (point-to-point) or layer 2 (ethernet). You do incur the
>> >> > encryption overhead, but I would not run a VPN connection over the
>> >> > Internet unencrypted.
>> >> >
>> >> >
>> >>
>> >> Or, buy and use routers on each end that do the vpn encryption in
>> >> hardware. I typically avoid software vpn solutions (except for roaming
>> >> clients) for commercial/semi-commercial/private vpn networks. In the
>> >> past I've used (and still do) Linksys/Cisco BEFVP41 routers on each
>> end.
>> >>
>> >> I'm sure that there are now more modern models that can do this as
>> well,
>> >> but the BEFVP41's (model 2/2.1) have been quite trustworthy. Setup is
>> >> simple, the encryption takes place in the hardware so it's fast and
>> >> doesn't require client software on each side of a direct connect, and
>> >> both sides can be set up to autoconnect & use keepalive to stay up even
>> >> with non-static ip addresses (I use dyndns.org for my non-commercial
>> dsl
>> >> connections).
>> >>
>> >>
>> >>
>> >>
>> >> --
>> >> ubuntu-users mailing list
>> >> ubuntu-users at lists.ubuntu.com
>> >> Modify settings or unsubscribe at:
>> >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>> >
>> >
>> >
>> > --
>> > ubuntu-users mailing list
>> > ubuntu-users at lists.ubuntu.com
>> > Modify settings or unsubscribe at:
>> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>> >
>> >
>>
>> --
>> ubuntu-users mailing list
>> ubuntu-users at lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>
>
>
>
> --
> لا اله الا الله محمد رسول الله
>
--
لا اله الا الله محمد رسول الله
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20100227/0611e0da/attachment.html>
More information about the ubuntu-users
mailing list