Claus- Comments below.
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Claus H. Johansen > Sent: Thursday, May 12, 2005 11:20 AM > To: leaf-user@lists.sourceforge.net > Subject: [leaf-user] Bering uclibc: OpenVPN in bridging mode > without ifconfig? > > > Hi, > > I'm trying to set up a Bering uclibc (ver. 2.0 beta3) box > with OpenVPN > in bridging mode. I've done this on a "standard" linux before, so I'm > familiar with most of the tasks, but I can't seem to find a > solution for > the bridging part. > > The OpenVPN docs describe how to set up bridging of the tap and eth > interfaces with a shell script using commands like: > > ifconfig tap0 0.0.0.0 promisc up > ifconfig eth1 0.0.0.0 promisc up > ifconfig br0 192.168.1.1 netmask 255.255.255.0 broadcast > 192.168.1.255 > > Now, I've been trying to convert these commands to route2 > syntax only to > find that route2 no longer supports putting the interfaces in > promiscuous mode. > > Any ideas about how to get around this would be appreciated. > > Thanks in advance. > > /Claus > The way I have it working is I configure the bridge interface in /etc/network/interfaces to include eth0 which is otherwise unconfigured. The standard initialization scripts that run when Bering is booted create all the necessary routes for the bridge. I run a script whenever OpenVPN initializes using the 'up' command in /etc/openvpn/openvpn.conf. I've included my conf files and script below. hth Brent Gardner Network Administrator IPRO Tech, Inc. # /etc/network/interfaces -- configuration file for LEAF network # # Loopback interface. auto lo iface lo inet loopback # Step 4 (optional): configure a bridge auto br0 iface br0 inet static address 10.0.12.1 netmask 255.255.0.0 broadcast 10.0.255.255 gateway 10.0.0.1 bridge_ports eth0 #/etc/openvpn/openvpn.conf # ' or ';' may be used to delimit comments. # mode server lport 1194 proto udp dev tap0 tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 fragment 1450 tls-server dh /etc/openvpn/ca/dh2048.pem ca /etc/openvpn/ca/my-ca.crt crl-verify /etc/openvpn/ca/crl.pem cert /etc/openvpn/server/office.crt key /etc/openvpn/server/office.key key-method 2 ping 10 ping-restart 120 comp-lzo up /etc/openvpn/up.script up-restart verb 5 mute 5 #/etc/openvpn/up.script # add OpenVPN's tap0 interface to bridge br0 # brctl addif br0 tap0 # enable the tap0 interface # ip link set tap0 up ------------------------------------------------------- This SF.Net email is sponsored by Oracle Space Sweepstakes Want to be the first software developer in space? Enter now for the Oracle Space Sweepstakes! http://ads.osdn.com/?ad_id=7393&alloc_id=16281&op=click ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
