Re: [Openvpn-users] OpenVPN Bridging - Windows XP - DHCP

  • Subject: Re: [Openvpn-users] OpenVPN Bridging - Windows XP - DHCP
  • From: paul <paul@xxxxxxxxxxxxx>
  • Date: Tue, 24 Jul 2007 12:20:49 +0200

Josh Cepek schrieb:
> Vincent wrote:
>> I have, hopefully, an easy question.  I have setup a small, bridged OpenVPN
>> across our different store locations under Windows XP.  All seems to work well
>> with one small hiccup.  Occasionally, one of the client computers at one
>> location will pull a DHCP lease from  a router at one of the other stores. 
>> Needless to say, this leads to some problems.  Is there a way to prevent DHCP
>> traffic from crossing the VPN or a way to specify the DHCP server to be used
>> under Windows XP?  Thank you for your assistance.
>> Vincent
> With DHCP most clients accept the first offer it gets, and that's
> usually going to be the local DHCP server, but not always depending on
> conditions; this leads to the behavior your noticed.  Don't use a
> bridged setup if you don't want all the DHCP servers to respond to every
> DHCP request.  Bridging is logistically the same as connecting each site
> together with a switch.  If you don't want broadcast traffic (like DHCP
> requests) to traverse the sites then use a routed setup with tun
> adapters (not tap.)
That's good advice, however broadcasts are needed for services like 
WINS, rendezvous and others. If the OpenVPN bridge runs linux you can 
selectively filter layer2 stuff with ebtables. There might be other 
solutions for other operating systems for layer2 filtering worth googling.


