[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] iTunes sharing over OpenVPN?

  • Subject: Re: [Openvpn-users] iTunes sharing over OpenVPN?
  • From: Les Mikesell <lesmikesell@xxxxxxxxx>
  • Date: Sun, 24 Jun 2007 10:46:09 -0500

Philip Brocoum wrote:

> I've received many replies, so thank you all.  The basic message I've
> been getting however is that Bonjour / multicasting cannot be routed
> over a VPN?  Or, in other words, iTunes sharing over the Internet is
> impossible.
> Drat.

It isn't impossible to route multicast.

> Out of curiosity, what exactly does a VPN do?  Because I thought it
> made it seem as though many computers in distant places were all on
> the same local network.  However, if this were the case, why wouldn't
> network services work, such as iTunes sharing?

In bridged mode, a VPN does make the computers appear to be on the same 
local subnet and they share the same address range.  However there are 
disadvantages to passing all broadcasts and multicast (which are 
intended to be local for a reason) across the VPN so routed connections 
are more common. If you want to split the difference between blindly 
forwarding everything and not at all, there are ways to proxy specific 
services across locations. This http://www.avahi.org/wiki/AboutAvahi
looks like it can proxy mdns.

> The explanation I'm leaning towards now is this: a VPN gives each
> computer a special IP address, and if you connect to a remote computer
> using that specified IP address, all traffic between you and that
> computer will be encrypted.  And you don't have to worry about port
> forwarding like you have to with ssh.  Is that the general gist of it?
>  And, since you can't tell iTunes the specific IP address of the
> computer you want to share with, iTunes sharing doesn't work.
> Kind of a non-technical description, but what do you think?

Routed VPN's give you a way to route to end points that would not 
otherwise be reachable due to firewalling or private (non-routed) 

> *sigh* why do VPNs have to be so complicated? ;-P

They act just like any other network connection.  You would have exactly 
  the same issue if you arranged a private T1 connection between the 2 
points and connected via routers.

   Les Mikesell

Openvpn-users mailing list