[leaf-user] RE: Bering uclibc: OpenVPN in bridging mode without ifconfig?

Sun, 15 May 2005 03:47:53 -0700 

Thanks!
That seems to do the trick. I'm connected and even have MS network browsing 
accross the VPN.
:)

/Claus


*********** REPLY SEPARATOR  ***********

On 13-05-2005 at 08:45 Brent Gardner wrote:

>Claus-
>
>Comments below.
>
>> -----Original Message-----
>> From: [EMAIL PROTECTED]
>> [mailto:[EMAIL PROTECTED] On Behalf Of
>> Claus H. Johansen
>> Sent: Thursday, May 12, 2005 11:20 AM
>> To: leaf-user@lists.sourceforge.net
>> Subject: [leaf-user] Bering uclibc: OpenVPN in bridging mode
>> without ifconfig?
>>
>>
>> Hi,
>>
>> I'm trying to set up a Bering uclibc (ver. 2.0 beta3) box
>> with OpenVPN
>> in bridging mode. I've done this on a "standard" linux before, so I'm
>> familiar with most of the tasks, but I can't seem to find a
>> solution for
>> the bridging part.
>>
>> The OpenVPN docs describe how to set up bridging of the tap and eth
>> interfaces with a shell script using commands like:
>>
>>    ifconfig tap0 0.0.0.0 promisc up
>>    ifconfig eth1 0.0.0.0 promisc up
>>    ifconfig br0 192.168.1.1 netmask 255.255.255.0 broadcast
>> 192.168.1.255
>>
>> Now, I've been trying to convert these commands to route2
>> syntax only to
>> find that route2 no longer supports putting the interfaces in
>> promiscuous mode.
>>
>> Any ideas about how to get around this would be appreciated.
>>
>> Thanks in advance.
>>
>> /Claus
>>
>
>The way I have it working is I configure the bridge interface in
>/etc/network/interfaces to include eth0 which is otherwise unconfigured.
>The standard initialization scripts that run when Bering is booted create
>all the necessary routes for the bridge.  I run a script whenever OpenVPN
>initializes using the 'up' command in /etc/openvpn/openvpn.conf.  I've
>included my conf files and script below.
>
>hth
>
>Brent Gardner
>Network Administrator
>IPRO Tech, Inc.
>
>
># /etc/network/interfaces -- configuration file for LEAF network
>#
># Loopback interface.
>auto lo
>iface lo inet loopback
>
># Step 4 (optional): configure a bridge
>auto br0
>iface br0 inet static
>        address 10.0.12.1
>        netmask 255.255.0.0
>        broadcast 10.0.255.255
>        gateway 10.0.0.1
>        bridge_ports eth0
>
>
>#/etc/openvpn/openvpn.conf
>
># ' or ';' may be used to delimit comments.
>#
>
>mode server
>
>lport 1194
>proto udp
>dev tap0
>
>tun-mtu 1500
>tun-mtu-extra 32
>mssfix 1450
>fragment 1450
>
>tls-server
>dh /etc/openvpn/ca/dh2048.pem
>ca /etc/openvpn/ca/my-ca.crt
>crl-verify /etc/openvpn/ca/crl.pem
>cert /etc/openvpn/server/office.crt
>key /etc/openvpn/server/office.key
>key-method 2
>
>ping 10
>ping-restart 120
>
>comp-lzo
>
>up /etc/openvpn/up.script
>up-restart
>
>verb 5
>mute 5
>
>
>#/etc/openvpn/up.script
>
># add OpenVPN's tap0 interface to bridge br0
>#
>brctl addif br0 tap0
>
># enable the tap0 interface
>#
>ip link set tap0 up






-------------------------------------------------------
This SF.Net email is sponsored by Oracle Space Sweepstakes
Want to be the first software developer in space?
Enter now for the Oracle Space Sweepstakes!
http://ads.osdn.com/?ad_ids93&alloc_id281&op=click
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to