
Routing via an OpenVPN tunnel; was "message threading ..."



From:	Bob Proulx <bob@proulx.com>
Date:	Tue, 18 Jan 2011 21:12:47 -0700
> I am suggesting that you have such a complicated routing setup that it
> is causing you difficulty and that you should simplify it by some
> method.  You listed five (5!) route commands in your configuration.

Yes; addressing subnets rather than individual machines is better.
Now there is just one route directive in joule:/etc/openvpn/myvpn.conf 
to identify the subnet at UBC.  dalton:/etc/openvpn/myvpn.conf has 
one route directive to identify the subnet at home;  but dalton 
has two other route directives to let the subnet at UBC connect 
to the Shaw FTP and SMTP servers.  The Shaw SMTP server will accept 
a connection only via my home link.  The FTP server will accept a 
connection from anywhere but the tunnel avoids exposing communication 
to the public.  http://carnot.yi.org/NetworksPage.html is updated with the 
details.  For now, I can't think of any further simplification.

From:	Mike Bird <mgb-debian@yosemite.net>
Date:	Tue, 18 Jan 2011 21:07:47 -0800
> Once your routing gets that complexicational you might
> want to consider using a routing daemon such as Quagga.
> 
> You could probably use OSPF over the tunnels but we
> prefer to use private BGP, with each office and laptop
> and customer office network a separate private AS.
 
I'll read about those.  Now that the configurations are 
simplified I might leave them rather than install more 
software. 

Thanks for the ideas.  Avoiding reliance on a DDNS for Joule 
by dropping the remote directive on Dalton was a crucial 
improvement.
                    ... Peter E.
                    



-- 
Telephone 1 360 450 2132.
Shop pages http://carnot.yi.org/ accessible as long as the old drives survive.
Personal pages http://members.shaw.ca/peasthope/ .

