[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] how to dynamic ip


  • Subject: Re: [Openvpn-users] how to dynamic ip
  • From: Matt Clauson <mec@xxxxxxxxxx>
  • Date: Thu, 10 Jan 2008 15:34:04 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Damian Rivas wrote:
| Just use Dynamic DNS to use a single domain name for your public dynamic
| IP.
|
| Then in the client config file, just use "remote myvpnserver.com",
| instead of "remote <IP>".
|
| The Dynamic DNS will resolv "myvpnserver.com" to your public IP, no
| matter how many times it changes(that's the joke of Dynamic DNS).
|
| No changes on the server config file are needed.

Couple of additional notes here:

1) Turn "down" your keepalive/timeout values.  That way if the 'server'
side of the link changes IPs, it will take less time to recover.

2) I'm not certain if OpenVPN re-resolves the IP every time it tries to
renew the connection or not.  If it doesn't, you may have some problems
with making this work 'automagically', at least without doing some code
patches.

3) Make certain that the TTL (Time-To-Live) on the DNS record is *VERY
SHORT* -- if it isn't, you could also be looking at long recovery times.
~ I would set it to 5 minutes, as a maximum.  Also, hope that your ISP's
DNS resolvers (if you don't run your own) pay attention to the TTL field.

- --mec
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHhp1bvDNtj3aXDYkRAnSjAJ9jz0q+Bv7opkIa93mjYVv+boQ3DgCfR2r6
yThtpxz9zyJVBg4dMDqH1uY=
=aNat
-----END PGP SIGNATURE-----
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users