Differences between revisions 1 and 2
Revision 1 as of 2009-02-15 19:04:18
Size: 651
Editor: PieterSmit
Comment:
Revision 2 as of 2009-02-15 19:06:40
Size: 651
Editor: PieterSmit
Comment:
Deletions are marked like this. Additions are marked like this.
Line 8: Line 8:
 2. OpenVpn: Bind to lo:127.0.0.2, use nat to nat incoming on udp:1194 to 127.0.0.2.  1. OpenVpn: Bind to lo:127.0.0.2, use nat to nat incoming on udp:1194 to 127.0.0.2.
Line 10: Line 10:
 3. OpenVpn: Multiple instances each bound to specific ext ip.  1. OpenVpn: Multiple instances each bound to specific ext ip.

Linux multihome openvpn

Setup of OpenVpn on multihome box.

  • Problem is Openvpn answers udp packets back using default Gw, and selects different ip than incoming ip.

  • OpenVpn: Bind to all interfaces.

    • Linux selects int/ip based on routing. Local gen packets select int before mangle can replace fwmark.

  • OpenVpn: Bind to lo:127.0.0.2, use nat to nat incoming on udp:1194 to 127.0.0.2.

    • Kernel bug ? Still selecting wrong source

  • OpenVpn: Multiple instances each bound to specific ext ip.

    • WORKS! but need separate subnet for each instance, thus client ip changes when re-connects.

linux/multihome/openvpn (last edited 2017-11-03 21:54:26 by PieterSmit)