[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] openVPN full meshed

  • Subject: Re: [Openvpn-users] openVPN full meshed
  • From: Leonard Isham <leonard.isham@xxxxxxxxx>
  • Date: Mon, 17 Jan 2005 11:13:12 -0500

On Mon, 17 Jan 2005 15:25:44 +0100, kesko78@xxxxxxxxx <kesko78@xxxxxxxxx> wrote:
> On Jan 17, 2005, at 3:03 PM, Leonard Isham wrote:
> >> Surely, but unless i open (A->D) and (A->C and/or B->D) ,... that
> >> question was in the END of mail...
> >> That's only an explanation of what i'm doing for implementing a
> >> partial
> >> mesh and
> >> where i've troubles...
> >>
> >> Each node in my network need to act as server and as client..
> >> If I assign a separate subnet for each server (and clients that
> >> connects to it), i've resolved
> >> that, but i need to know if i can use a single subnet on all VPN...
> >>
> >
> > Let's skip semantics.
> >
> > Each site must have it's own subnet that can be routed.  Do yourself a
> > favor and don't use the same subnet at more than one site.
> Sorry, missing part: I'm talking about addresses and subnets used by
> virtual VPN addresses (tun or tap)...

Just like each site needs it's own subnet and IP addresses each tunnel
neesd it's own IP and subnets.  FWIW Each client-server connection is
like a private WAN link.

Just as an FYI.  If you had put example IPs and subnets in the diagram
It would have been easier to understand.

> > Set up your first site two sites (One server and one client) and get
> > that working then add the third site ( making sure the routing is
> Add third as client?

I's try to minimize the clients make use of the server's scalability.

> > working between all three sites (here it would be nice if your subnets
> > could be agrigated via CIDR to keep yopur routing tables small.
> >
> > The add your fourth site and test routing...
> Also that as client?

Same as above.

Leonard Isham, CISSP 
Ostendo non ostento.

The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
Openvpn-users mailing list