[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] openVPN full meshed


  • Subject: Re: [Openvpn-users] openVPN full meshed
  • From: Leonard Isham <leonard.isham@xxxxxxxxx>
  • Date: Mon, 17 Jan 2005 09:03:23 -0500

On Mon, 17 Jan 2005 14:49:21 +0100, kesko78@xxxxxxxxx <kesko78@xxxxxxxxx> wrote:
> 
> On Jan 17, 2005, at 2:19 PM, Leonard Isham wrote:
> 
> > On Mon, 17 Jan 2005 13:20:30 +0100, kesko78@xxxxxxxxx
> > <kesko78@xxxxxxxxx> wrote:
> >>
> >> I'm trying to create a partially meshed network with openVPN, but i
> >> have a question:
> >>
> >> Imagine that i have following scenario:
> >>
> >> [Host A] VPNClient1
> >>      |
> >>      |
> >>      |
> >> [Host B] VPNServer2 and VPNClient2
> >>      |
> >>      |
> >>      |
> >> [Host C] VPNServer3
> >>      |
> >>      |
> >>      |
> >> [Host D] VPNClient4
> >>
> >> imagine that (the connections can't be moved...):
> >>
> >> 1) VPNClient1 opens a connection to VPNServer2 (A --> B)
> >> 2) VPNClient4 opens a connection to VPNServer3 (D --> C)
> >> 3) VPNClient2 opens a connection to VPNServer3 (B --> C)
> >>
> >
> > Unless I'm missing something this isn't a partial mesh.
> 
> Surely, but unless i open (A->D) and (A->C and/or B->D) ,... that
> question was in the END of mail...
> That's only an explanation of what i'm doing for implementing a partial
> mesh and
> where i've troubles...
> 
> Each node in my network need to act as server and as client..
> If I assign a separate subnet for each server (and clients that
> connects to it), i've resolved
> that, but i need to know if i can use a single subnet on all VPN...
> 

Let's skip semantics.

Each site must have it's own subnet that can be routed.  Do yourself a
favor and don't use the same subnet at more than one site.

Set up your first site two sites (One server and one client) and get
that working then add the third site ( making sure the routing is
working between all three sites (here it would be nice if your subnets
could be agrigated via CIDR to keep yopur routing tables small.

The add your fourth site and test routing...
-- 
Leonard Isham, CISSP 
Ostendo non ostento.


-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users