[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

[Openvpn-users] Re: STP and fully-connected mesh of bridges

Subject: [Openvpn-users] Re: STP and fully-connected mesh of bridges
From: Patrick Cervicek <patrick@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Sat, 03 Sep 2005 14:26:27 +0200

Nick Maynard wrote:

We're using bridged ethernet to accomplish network bridging, so each node has a
bridge device consisting of the node's ethernet connection and both VPN TAP
devices on that node.

All hosts are on the class-A 10.*.*.* subnet, with IP conflicts resolved by
allocating a class-B address space (10.x.*.*) to each network.  DHCP queries
have naturally been blocked over the VPN by using ebtables.

In order to avoid loops, etc., we've enabled STP on our VPN nodes.

The upshot of all this is the following:  we now have a fully functioning,
pretty rock-solid implementation.

Sadly we have a niggle (there's always one).  Because we're using STP, one node
is always elected as the root node.  Lets's say node A is elected.  Now all
communications from C -> B must go through A.  This is slower than the ideal
situation, where comms from C -> B (and back) would go through the C -> B VPN
link.


Why do you use STP?
Why do you use bridging (tap) instead of routing (tun)?


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-09/msg00023.html on line 189

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-09/msg00023.html on line 189