[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] port-share with

  • Subject: Re: [Openvpn-users] port-share with
  • From: christian <openvpn-users@xxxxxxxxxxx>
  • Date: Sat, 27 Oct 2007 09:59:44 +0200

On Fri, Oct 26, 2007 at 09:40:22PM -0400, Colin Ryan wrote:
> I just can't this to work for me...I've tried with apache running on 
> port 80 as my desired 443 process is a java process so I didn't want to 
> introduce more variables...either apache or openvpn complain about 
> binding to used port as one would expect without such a function. I've 
> also tried with 443 I get the same results.
> TCP/UDP: Socket bind failed on local address Address 
> already in use
> TCP/UDP: Socket bind failed on local address Address 
> already in use

not meaning to annoy you - from `man openvpn`:
--port-share host port
When run in TCP server mode, share the OpenVPN port with
another application, such as an HTTPS server.  If OpenVPN
senses a connection to its port which is using a non-OpenVPN
protocol, it will proxy the connection to the server at

the important part being, imho, 'proxy the connection'.

*real* port sharing in the sense that a port on an address is shared by 
two processes doesn't seem to be possible from the os architecture 
point of view...

what openvpn can and does, afaict, is:
- it listens on port 443
- accepts connections
- uses a connection if it is meant as an openvpn one
- *proxies* a connection to a target address/port, if not for openvpn

it would follow that you either listen on 443 and proxy to an *other* 
host's port 443, or to an *other* port on the same host.

the second scenario, of course, would call for your port 443 server to 
listen not on 443, but on said other port.

[a multihomed port can be treated as 'other host', methinks].


if i have totally misunderstood what you want to do, an extended 
description (hosts/addresses/ports/processes involved) might help 
me to better understand. ;-)
OpenVPN mailing lists