|
|
Luc Van der Veken <lucvdv@xxxxxxxx> said: > On Tue, 30 Sep 2003 16:34:39 -0700, "Bert Shuler" > <bshuler@xxxxxxxxxxxxxxxxxxx> wrote: > > > The windows TUN driver is wonderful!! Thankyou. Will there be any way in > > the future to avoid > > "The local and remote VPN endpoints must exist within the same > > 255.255.255.252 subnet. This is a limitation of --dev tun when used > > with the TAP-WIN32 driver." > > > > Wasting 6 IPs on each connection is not good. > > You're not wasting 6 IP's, only two (a /30 network has 4 addresses: > the network address, two client addresses and the broadcast address). Remember also that VPN endpoints tend to be taken from private subnets which are vast in comparison to the cramped public IP space where every address must be globally unique. > Actually this is the way I was already using TAP: one /30 subnet per > tunnel. I made a choice to implement TUN driver functionality within the TAP-Win32 driver itself, by implementing an ioctl which toggles between virtual ethernet and point-to-point mode. The upshot is that even when the TAP-Win32 adapter is in point-to-point (i.e. tun) mode, it still exports (and hence "looks like") an ethernet-NIC interface to the windows networking subsystem. This detail turned a potentially large project (writing a Windows virtual WAN driver from scratch) into a quite simple and manageable extension to the existing TAP-Win32 driver -- with the caveat (due to the emulation of point-to-point semantics) that endpoints must be the two usable addresses of a /30 subnet. James ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |