Date: Wed, 6 Aug 2008 12:14:29 -0700 From: Chuck Swiger <cswiger@mac.com> To: Bill Moran <wmoran@collaborativefusion.com> Cc: freebsd-net@freebsd.org, d@delphij.net, Quake Lee <quakelee@geekcn.org>, Xin LI <delphij@delphij.net> Subject: Re: Routing: local link vs VPN provided route Message-ID: <C1998006-1089-4B1D-805A-D15EA7754B23@mac.com> In-Reply-To: <20080806145031.9c94326a.wmoran@collaborativefusion.com> References: <4899F1AB.8080409@delphij.net> <20080806145031.9c94326a.wmoran@collaborativefusion.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, all-- On Aug 6, 2008, at 11:50 AM, Bill Moran wrote: >> It seems, however, that the packets would just go to local >> network. Is >> it possible to get packets to non-conflicting IP addresses (i.e. only >> exist in either local network, or remote VPN'ed network) to go >> through >> the tun0 device? > > Any hack you would do to make this work is going to be unreliable at > best. > > Renumber your network so that routing can work as designed. Bill's advice is solid, but there are some other alternatives available. You could set up individual host routes (ie, a route with a /32 netmask) which go over tun0 rather than defaulting to your local ethernet link, for the things you want to access remotely. The other alternative is to set up OpenVPN in bridging mode: http://openvpn.net/index.php/documentation/faq.html#bridge1 http://openvpn.net/index.php/documentation/miscellaneous/ethernet-bridging.html This isn't a recommended configuration for many purposes, as it is more efficient to use explicit routing between subnets when you need to cross the VPN link, rather than simply sending everything over that link as in a bridge, but bridging works better with Samba, ZeroConf/ Bonjour, and other things which use network broadcasts to find things on the "local" subnet. Regards, -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C1998006-1089-4B1D-805A-D15EA7754B23>