Your bridge script uses eth1, but your ifconfig output says eth0. Which one is correct?
Firewall.
You are on the way to create a loop on your ethernet network. Not a funny thing.
Maybe the Linux bridge code will detect it, and cut one redundant connection, but if it cuts
the physical connection (as opposed to the tunnelled one), the VPN hosts will be cut off the LAN.
Simply put: do not bridge a network to itself.
Regards,
David
Hello,
I am trying to set up an Ethernet bridge between two Linux boxes
located inside the same network 192.168.112/24 to learn
about L2 VPNs with openvpn.
I did all the Ethernet bridging HOWTO steps and I lose
connectivity with the VPN server.
At the beginning the ifconfig command output shows as follows:
eth0 Link encap:Ethernet HWaddr 00:0F:1F:99:F5:D9
inet addr:192.168.112.72 Bcast:192.168.112.255
Mask:255.255.255.0
inet6 addr: fe80::20f:1fff:fe99:f5d9/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:9902 errors:0 dropped:0 overruns:0 frame:0
TX packets:788 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1213638 (1.1 MiB) TX bytes:69707 (68.0 KiB)
Interrupt:16
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:838 errors:0 dropped:0 overruns:0 frame:0
TX packets:838 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:144724 (141.3 KiB) TX bytes:144724 (141.3 KiB)
After I execute brigde-start.sh the ifconfig command output shows:
br0 Link encap:Ethernet HWaddr 00:0F:1F:99:F5:D9
inet addr:192.168.112.72 Bcast:192.168.112.255
Mask:255.255.255.0
inet6 addr: fe80::20f:1fff:fe99:f5d9/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:9902 errors:0 dropped:0 overruns:0 frame:0
TX packets:788 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:112286 (109.6 KiB) TX bytes:468 (468.0 b)
eth0 Link encap:Ethernet HWaddr 00:0F:1F:99:F5:D9
inet6 addr: fe80::20f:1fff:fe99:f5d9/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:9902 errors:0 dropped:0 overruns:0 frame:0
TX packets:788 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1213638 (1.1 MiB) TX bytes:69707 (68.0 KiB)
Interrupt:16
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:838 errors:0 dropped:0 overruns:0 frame:0
TX packets:838 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:144724 (141.3 KiB) TX bytes:144724 (141.3 KiB)
tap0 Link encap:Ethernet HWaddr 26:38:31:69:7A:C2
inet6 addr: fe80::2438:31ff:fe69:7ac2/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
The brigde-start.sh script is as follows:
#!/bin/bash
#################################
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
#################################
# Define Bridge Interface
br="br0"
# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"
# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth1"
eth_ip="192.168.112.71"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.112.255"
for t in $tap; do
    openvpn --mktun --dev $t
done
brctl addbr $br
brctl addif $br $eth
for t in $tap; do
    brctl addif $br $t
done
for t in $tap; do
    ifconfig $t 0.0.0.0 promisc up
done
ifconfig $eth 0.0.0.0 promisc up
ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
Then I execute openvpn: /usr/sbin/openvpn --config vpnServer.conf
Before that I lose the connection from any box of the same net to the
server, but I can ping from the server to any box of the network.
If I lose the connection with the server, clients can't connect and
establish a tunnel between them and the server.
Can anybody help me?
I look forward to hearing from you soon.
Respectfully,
José Antonio Olivera Ortega.
--
José Antonio Olivera Ortega
Automóvil Conectado - Telefónica I+D
Teléfono: 913340330 Ext. 1000
Email: jaoo62@xxxxxx
--
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
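
A pre-flight check for the mismatches visible in this thread (the script bridges eth1 with 192.168.112.71, while the ifconfig output shows eth0 with 192.168.112.72), as an added example that is not part of the original messages. The function names and the `ip -o -4 addr show` input format are assumptions; the sample input is constructed from the values in the post.

```shell
#!/bin/bash
# Added example: refuse to build the bridge when the interface named in
# bridge-start.sh does not match the live configuration, so the host's
# address is not moved onto a bridge that has no working uplink.
# Input format (assumption): output of `ip -o -4 addr show`, one address per line.

# Constructed sample mirroring the "before" state in the post: only lo and eth0.
SAMPLE_ADDRS='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.168.112.72/24 brd 192.168.112.255 scope global eth0'

# iface_ip ADDRS IFACE -> prints the first IPv4 address on IFACE, or nothing.
iface_ip() {
    printf '%s\n' "$1" | awk -v want="$2" '
        $2 == want && $3 == "inet" { split($4, a, "/"); print a[1]; exit }'
}

# preflight ADDRS ETH ETH_IP
# Returns 0 if ETH currently holds ETH_IP,
#         1 if ETH is missing or has no IPv4 address,
#         2 if ETH holds a different address than the one the script
#           would assign to the bridge.
preflight() {
    local current
    current=$(iface_ip "$1" "$2")
    if [ -z "$current" ]; then
        echo "refusing: $2 not found with an IPv4 address" >&2
        return 1
    fi
    if [ "$current" != "$3" ]; then
        echo "refusing: $2 has $current, script would set $3 on the bridge" >&2
        return 2
    fi
    return 0
}

# Live use before the brctl calls (assumption: iproute2 is installed):
#   preflight "$(ip -o -4 addr show)" "$eth" "$eth_ip" || exit 1
```

With the values from the posted script (eth1, 192.168.112.71) the check stops before any `brctl` command runs. It does not detect the second problem raised in the reply, bridging a LAN to itself.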