Re: [Openvpn-users] Bridging two tap Interfaces

  • Subject: Re: [Openvpn-users] Bridging two tap Interfaces
  • From: "Michael Jürgens" <openvpn@xxxxxxxxxxxxx>
  • Date: Sat, 08 Sep 2007 12:32:59 +0200

Hi Dave,
thanks for your reply.
I´ve found the pitfall. It was iptables.
Putting a rule "iptables -A FORWARD -i br0 -o br0 -j ACCEPT" fixes the

It is a little bit brasy because tcpdump doesn´t show the packets on br0
- only on tap0 anp 1.



Dave schrieb:
>> is it possible to bridge two tap interfaces?
>> I´ve tried the following:
>> Server:
>> - br0 bridges tap0 and tap1
>>> brctl show br0
>> bridge name     bridge id               STP enabled     interfaces
>> br0             8000.965a950332fc       no              tap1
>>                                                         tap0
> I run a setup with a bridge of 2 tap devices, and it works happily.  My need
> is that I run two openvpn instances, one for TCP and one for UDP, and they
> are both bridged to the eth0 adapter.  I mention this because I notice you
> don't have eth0 in your bridge but maybe you do this so that the VPN makes
> some sort of private network separate from your lan?
> Also, iptables works at layer 3; a similar thing relevant for leyer 2 (e.g.
> bridges) is ebtables.  I haven't used it so I can't really comment further.
> -Dave

