Differences between revisions 2 and 3
Revision 2 as of 2009-02-15 19:06:40
Size: 651
Editor: PieterSmit
Revision 3 as of 2009-02-15 19:07:39
Size: 649
Editor: PieterSmit
Line 4: Line 4:
 * Problem is Openvpn answers udp packets back using default Gw, and selects different ip than incoming ip.  Problem is Openvpn answers udp packets back using default Gw, and selects different ip than incoming ip.

Linux multihome OpenVPN

Setup of OpenVPN on a multihomed box.

  • Problem: OpenVPN sends its UDP replies via the default gateway, so the reply's source IP differs from the IP the packet came in on.
  • OpenVPN: Bind to all interfaces.

    • Linux selects the interface/IP based on routing. Locally generated packets have their interface selected before mangle can replace the fwmark.
  • OpenVPN: Bind to lo:127.0.0.2, use NAT to redirect incoming udp:1194 to 127.0.0.2.

    • Kernel bug? Still selecting the wrong source.
  • OpenVPN: Multiple instances, each bound to a specific external IP.

    • WORKS! But each instance needs a separate subnet, so the client IP changes when it reconnects.
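
The source-address mismatch from the first bullet, and the per-IP bind that works, reproduced on loopback as an added example (not part of the original notes). Assumptions: a Linux host, where every address in 127.0.0.0/8 is local; 127.0.0.2 stands in for the secondary external IP, and the function and constant names are made up for this sketch.

```python
import socket

# Assumption: 127.0.0.2 plays the role of the secondary external IP.
# On Linux the whole 127.0.0.0/8 range is local, so no setup is needed.
SERVICE_IP = "127.0.0.2"


def reply_source(bind_ip):
    """Send one datagram to SERVICE_IP and return the source IP of the reply.

    bind_ip is the address the UDP server binds to:
      "0.0.0.0"   -> wildcard bind, like a daemon bound to all interfaces
      SERVICE_IP  -> one instance bound to one specific IP
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    cli = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        srv.settimeout(2)
        cli.settimeout(2)
        srv.bind((bind_ip, 0))              # port 0: kernel picks a free port
        port = srv.getsockname()[1]

        cli.sendto(b"ping", (SERVICE_IP, port))
        _, peer = srv.recvfrom(64)

        # Plain sendto() on a wildcard socket: the kernel chooses the source
        # address from the route to `peer`, not from the address the request
        # arrived on. A socket bound to one IP always sends from that IP.
        srv.sendto(b"pong", peer)

        _, src = cli.recvfrom(64)
        return src[0]
    finally:
        srv.close()
        cli.close()


def client_would_accept(bind_ip):
    """A client that only accepts replies from the address it contacted."""
    return reply_source(bind_ip) == SERVICE_IP


if __name__ == "__main__":
    for ip in ("0.0.0.0", SERVICE_IP):
        print(f"server bound to {ip:<10} -> reply comes from {reply_source(ip)}")
```
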


linux/multihome/openvpn (last edited 2017-11-03 21:54:26 by PieterSmit)