[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Re: Answering on the same interface where the request came from


  • Subject: Re: [Openvpn-users] Re: Answering on the same interface where the request came from
  • From: "Doncho N. Gunchev" <mr700@xxxxxxxxxxxx>
  • Date: Wed, 23 Feb 2005 15:27:18 +0200

On 2005 02 23 (Wednesday) 12:01, Charles Duffy wrote:
> On Wed, 23 Feb 2005 11:46:06 +0200, Doncho N. Gunchev wrote:
...
> >     Is it possible to bind openvpn (maybe 2.1) to multiple addresses
> >     like
> > BIND, SQUID, Apache and many others can?
> 
> Sure you can bind to multiple addresses, but in UDP mode you don't have a
> guarantee that the answer will be on the same IP as the source.

    How does bind do so?
... netstat -unap | grep '[0-9]/named'
udp  0  0 127.0.0.1:53        0.0.0.0:*   6481/named
udp  0  0 10.0.0.1:53         0.0.0.0:*   6481/named
udp  0  0 192.168.1.1:53      0.0.0.0:*   6481/named
udp  0  0 172.30.255.200:53   0.0.0.0:*   6481/named
...

    It is one process. If I guess this right it binds to many sockets and
sends replies via the socket it got the query from, just like when you
bind to only one interface(IP) you get replies fine (but I'm only guessing).
Is my guess right? Will in this case source be guaranteed?

-- 
Regards,
  Doncho N. Gunchev    Registered Linux User #291323 at counter.li.org
  GPG-Key-ID: 1024D/DA454F79                        http://pgp.mit.edu
  Key fingerprint = 684F 688B C508 C609 0371  5E0F A089 CB15 DA45 4F79

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users