Re: [Openvpn-users] Re: LAN gaming over openVPN

  Subject: Re: [Openvpn-users] Re: LAN gaming over openVPN
  From: Leonard Isham <leonard.isham@xxxxxxxxx>
  Date: Wed, 1 Dec 2004 16:23:00 -0500

On Wed, 01 Dec 2004 21:21:08 +0100, Oliver Wittkopf
<oliver.wittkopf@xxxxxxxx> wrote:
> until now, im using the tap device for my openvpn network. my problem
> is, that the clients cant ping each other with their "real" ips. in my
> opinion, the broadcasts are responsable.
> i now read this quote:
> > Using ethernet bridging is only one possible solution.  If you can get your
> > client traffic to route at the IP level, then you use OpenVPN in --dev tun
> > mode to create a tun device linkage, then use route commands to route traffic
> > over the tun device.  This is somewhat more efficient than using tap devices
> > and ethernet bridging, but requires that you configure multicast routing.
> >
> > James
> it seams that in my case, the tun device is the better opinion. but an
> openvpn sample config says something else, i think:
> openvpn sample-config
> # You must use 'tap'
> # if you are ethernet bridging or want to route
> # broadcasts.  'tun' is somewhat more efficient
> # but requires configuration of client software
> # to not depend on broadcasts.

To get to all IPs assigned to a system you must use routing.  There is
no other option.

Attempting to use TAP and routing, IMHO, would be a nightmare. 
Without an in-depth knowledge of routing, and bridging you would be
forever in danger of it breaking at the wrong time...

Determine what you need broadcasts for and put in a non-broadcast
solution and use TUN.  As an example use WINS for netbios name

Leonard Isham, CISSP 
Ostendo non ostento.

