Differences between revisions 3 and 5 (spanning 2 versions)
Revision 3 as of 2009-02-15 19:07:39
Size: 649
Editor: PieterSmit
Comment:
Revision 5 as of 2009-02-15 19:22:26
Size: 723
Editor: PieterSmit
Comment:
Line 3: Line 3:
Setup of OpenVpn on multihome box.
 Problem is Openvpn answers udp packets back using default Gw, and selects different ip than incoming ip.
=== Setup of OpenVpn on multihome box. ===
Problem is Openvpn answers udp packets back using default Gw, and selects different ip than incoming ip.
Line 9: Line 9:
    * Kernel bug ? Still selecting wrong source     * X-( Kernel bug ? Still selecting wrong source
Line 12: Line 12:
    * (!) Setup OpenVpn to add host routes as they activate ?

Linux multihome openvpn

Setup of OpenVPN on a multihomed box.

Problem: OpenVPN answers UDP packets via the default gateway and selects a different source IP than the IP the packet came in on.

  1. OpenVPN: Bind to all interfaces.

    • Linux selects the interface/IP based on routing. Locally generated packets have their interface selected before mangle can replace the fwmark.
  2. OpenVPN: Bind to lo:127.0.0.2 and use NAT to redirect incoming udp:1194 to 127.0.0.2.

    • X-( Kernel bug? Still selects the wrong source.

  3. OpenVPN: Multiple instances, each bound to a specific external IP.

    • WORKS! But each instance needs a separate subnet, so the client IP changes when it reconnects.
    • (!) Set up OpenVPN to add host routes as they activate?
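
A sketch of option 3, added here as an example and not taken from the original notes: it generates one server config per external IP, each with its own tun device and its own client subnet. The function names, the `10.8.N.0/24` numbering, the `server-N.conf` file names and the sample addresses are assumptions; the existing ca/cert/key/dh lines still have to be added to each file.

```shell
#!/bin/sh
# Added example (not from the original page): option 3, one OpenVPN
# instance per external IP. All addresses used with it are constructed.

# gen_instance_conf INDEX EXT_IP
# Prints a server config that binds to EXT_IP only, so replies leave with
# that source address. Each instance gets its own tun device and its own
# client subnet 10.8.INDEX.0/24 (assumed numbering scheme).
gen_instance_conf() {
    idx=$1
    ext_ip=$2
    case $idx in
        ''|*[!0-9]*) echo "index must be a number" >&2; return 1 ;;
    esac
    [ "$idx" -le 255 ] || { echo "index out of range" >&2; return 1; }
    cat <<EOF
# instance $idx: answers only on $ext_ip
local $ext_ip
port 1194
proto udp
dev tun$idx
server 10.8.$idx.0 255.255.255.0
# add the existing ca/cert/key/dh lines here
EOF
}

# gen_all OUT_DIR IP...
# Writes OUT_DIR/server-N.conf for each external IP and prints how many
# files were written. Duplicate IPs are refused, because two instances
# cannot bind the same address and port.
gen_all() {
    out_dir=$1; shift
    n=0
    seen=" "
    for ip in "$@"; do
        case $seen in
            *" $ip "*) echo "duplicate IP: $ip" >&2; return 1 ;;
        esac
        seen="$seen$ip "
        gen_instance_conf "$n" "$ip" > "$out_dir/server-$n.conf" || return 1
        n=$((n + 1))
    done
    echo "$n"
}
```

For example, `gen_all /tmp/ovpn 192.0.2.10 198.51.100.10` writes `server-0.conf` and `server-1.conf`; a client is then addressed from whichever instance's subnet it connects to.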


linux/multihome/openvpn (last edited 2017-11-03 21:54:26 by PieterSmit)