Routing: local link vs VPN provided route
Chuck Swiger
cswiger at mac.com
Wed Aug 6 19:31:41 UTC 2008
Hi, all--
On Aug 6, 2008, at 11:50 AM, Bill Moran wrote:
>> It seems, however, that the packets would just go to local network.
>> Is it possible to get packets to non-conflicting IP addresses (i.e.
>> only exist in either local network, or remote VPN'ed network) to go
>> through the tun0 device?
>
> Any hack you would do to make this work is going to be unreliable at
> best.
>
> Renumber your network so that routing can work as designed.

Bill's advice is solid, but there are some other alternatives
available. You could set up individual host routes (i.e., a route with
a /32 netmask) which go over tun0 rather than defaulting to your local
ethernet link, for the things you want to access remotely.

The other alternative is to set up OpenVPN in bridging mode:

http://openvpn.net/index.php/documentation/faq.html#bridge1
http://openvpn.net/index.php/documentation/miscellaneous/ethernet-bridging.html

This isn't a recommended configuration for many purposes, as it is
more efficient to use explicit routing between subnets when you need
to cross the VPN link, rather than simply sending everything over that
link as in a bridge, but bridging works better with Samba,
ZeroConf/Bonjour, and other things which use network broadcasts to
find things on the "local" subnet.

Regards,
--
-Chuck
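
The host-route suggestion in the message above, modelled as a longest-prefix-match lookup (an added example, not part of the original post). The 192.168.1.0/24 addresses, the interface name em0 and the host lists are constructed assumptions; only tun0 comes from the thread.

```python
import ipaddress

# Constructed sample table: the local LAN and the remote VPN site both use
# 192.168.1.0/24 (the overlap from the thread). em0 is an assumed NIC name.
ROUTES = [
    ("0.0.0.0/0", "em0"),        # default route via the local gateway
    ("192.168.1.0/24", "em0"),   # connected route for the local link
]

def add_host_routes(routes, hosts, iface="tun0"):
    """Return a new table with one /32 route per host reached over the VPN."""
    return routes + [(f"{ipaddress.ip_address(h)}/32", iface) for h in hosts]

def lookup(routes, dst):
    """Longest-prefix match: the most specific route containing dst wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(net), iface) for net, iface in routes
               if addr in ipaddress.ip_network(net)]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def shadowed(hosts, local_in_use):
    """Hosts whose /32 would hide a machine that also exists on the LAN."""
    local = {ipaddress.ip_address(a) for a in local_in_use}
    wanted = sorted(ipaddress.ip_address(h) for h in hosts)
    return [str(h) for h in wanted if h in local]

if __name__ == "__main__":
    wanted = ["192.168.1.50", "192.168.1.51"]                        # constructed
    local_in_use = ["192.168.1.1", "192.168.1.10", "192.168.1.51"]   # constructed
    table = add_host_routes(ROUTES, wanted)
    for dst in ("192.168.1.50", "192.168.1.10", "203.0.113.7"):
        print(f"{dst:15} -> {lookup(table, dst)}")
    # A /32 for an address that is also live on the LAN makes the local
    # machine unreachable, which is why this only suits non-conflicting IPs.
    print("conflicting host routes:", shadowed(wanted, local_in_use))
```

Every address without a host route still follows the /24 to the local link, so each remote machine needs its own entry.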