[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Bridging two tap Interfaces


  • Subject: Re: [Openvpn-users] Bridging two tap Interfaces
  • From: Marco Fretz <mailinglist@xxxxxxx>
  • Date: Mon, 10 Sep 2007 13:50:47 +0200

hello

im not sure, but i think brX interfaces are like carpX interfaces a 
logical interface and the doesnt show any traffic on it. but firewall 
rules applied to them may affect directly the interfaces "under" the 
bridge interface.

regards
marco


Michael Jürgens wrote:
> Hi Dave,
> thanks for your reply.
> I´ve found the pitfall. It was iptables.
> Putting a rule "iptables -A FORWARD -i br0 -o br0 -j ACCEPT" fixes the
> problem.
>
> It is a little bit brasy because tcpdump doesn´t show the packets on br0
> - only on tap0 anp 1.
>
> regards,
>
> Michael
>
> Dave schrieb:
>   
>>> is it possible to bridge two tap interfaces?
>>>
>>> I´ve tried the following:
>>>
>>> Server:
>>> - br0 bridges tap0 and tap1
>>>
>>>     
>>>       
>>>> brctl show br0
>>>>       
>>>>         
>>> bridge name     bridge id               STP enabled     interfaces
>>> br0             8000.965a950332fc       no              tap1
>>>                                                         tap0
>>>
>>>     
>>>       
>> I run a setup with a bridge of 2 tap devices, and it works happily.  My need
>> is that I run two openvpn instances, one for TCP and one for UDP, and they
>> are both bridged to the eth0 adapter.  I mention this because I notice you
>> don't have eth0 in your bridge but maybe you do this so that the VPN makes
>> some sort of private network separate from your lan?
>>
>> Also, iptables works at layer 3; a similar thing relevant for leyer 2 (e.g.
>> bridges) is ebtables.  I haven't used it so I can't really comment further.
>>
>> -Dave
>>
>>   
>>     
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2005.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>   

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users