[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] server directive (tun mode)


  • Subject: Re: [Openvpn-users] server directive (tun mode)
  • From: Erich Titl <erich.titl@xxxxxxxx>
  • Date: Thu, 19 Jul 2007 06:40:51 +0000

Juan

Juan Jose Tomas Canovas wrote:
> Hello, all and sorry for my english.
>  
> 
> I´m confused about this directive: 
> 
> ** 
> 
> *        --server network netmask* 
> 
>  
> 
> I get this example for the openvpn man page: 
> 
> For example, *--server 10.8.0.0 <http://10.8.0.0> 255.255.255.0
>  <http://255.255.255.0>* expands as follows: 
> 
>     **
> 
>      mode server
>      tls-server
> 
>      if dev tun:
>        ifconfig 10.8.0.1 <http://10.8.0.1> 10.8.0.2 <http://10.8.0.2> 
>        ifconfig-pool 10.8.0.4 <http://10.8.0.4> 10.8.0.251 <http://10.8.0.251>
>        route 10.8.0.0 <http://10.8.0.0> 255.255.255.0 <http://255.255.255.0>
>        if client-to-client:
>          push "route 10.8.0.0 <http://10.8.0.0> 255.255.255.0 <http://255.255.255.0>"
>        else
>          push "route 10.8.0.1 <http://10.8.0.1>"
> 
>      if dev tap:
>        ifconfig 10.8.0.1 <http://10.8.0.1> 255.255.255.0 <http://255.255.255.0>
>        ifconfig-pool 10.8.0.2 <http://10.8.0.2> 10.8.0.254 <http://10.8.0.254> 255.255.255.0 <http://255.255.255.0>
>        push "route-gateway 10.8.0.1 <http://10.8.0.1>"
> 
> But the question is:
> 
> If this tun device have two IP addresses (10.8.0.1 <http://10.8.0.1> in server side and 
> 10.8.0.2 <http://10.8.0.2> in the other side) and I have a pool of IP addresses allocated to connecting clients (with the directive: ifconfig-pool 10.8.0.4 <http://10.8.0.4> 
> 10.8.0.251 <http://10.8.0.251>); whom is the IP address source when a client (for example 10.8.0.4 <http://10.8.0.4>) send an IP packet through the tunnel to the server ?????? 10.8.0.4 <http://10.8.0.4> or 
> 10.8.0.2 <http://10.8.0.2> ??????? 

In the _classic_ environment (not infrastructure) 10.8.0.4 will be
unlikely, as this is a /30 network address comprising of 10.8.0.4-7 so
your address most likely will be 10.8.0.6

cheers

Erich


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users