[Users] OpenVPN and Wiki documentation
Marc Aymerich
glicerinu at gmail.com
Wed Aug 25 16:04:56 EDT 2010
On Wed, Aug 25, 2010 at 9:06 PM, Tim Nelson <tnelson at rockbochs.com> wrote:
> ----- "Marc Aymerich" <glicerinu at gmail.com> wrote:
> >
> >
> >
> > On Wed, Aug 25, 2010 at 8:37 AM, Marc Olive <marc.olive at grupblau.com>wrote:
> >
>>
>>
>> > Hello,
>> >
>> > I've setup an openvpn server inside an openvz container, it works fine,
>> but I
>> > had to make a veth interface instead a venet in order to reach hosts
>> behind
>> > the vpn server.
>> > As this is not mentioned in the wiki[1] I had some troubles at first
>> since I
>> > realized it. It should be mentioned in the wiki.
>> >
>> > Regards,
>> >
>> > [1] http://wiki.openvz.org/VPN_via_the_TUN/TAP_device
>> >
>> > --
>> >
>
>
> >
>
> >
> Hi Marc,
> I have too an openvn server running inside a container and I use venet
> interface without any trouble. Why do you think that veth is necessary?
>
> ---
>
>
> Yes, but are you routing traffic from the VPN connected clients through
> your container to other hosts? Because of the way venet works, there are
> some intermediary hops and internal routing that happens which makes this
> setup somewhat difficult. I'm still trying to find the answer to this
> myself. Switching to veth works fine, but unfortunately breaks another
> component of the applications we use. It's complicated... long story.
>
>
Hi Tim,
I use OpenVPN in order to reach the datacenter(DC) private network from the
office workstations. I have the OpenVPN server running inside a container in
one of the DC servers. On the office side I have 2 vpn clients. The clients
can reach any DC private ip destination. To avoid complicated routing tables
on the VPN server I use NAT :). Maybe I don't have problems because I use
NAT, but until this morning I solved any venet related problem using tcpdump
and iproute sentences. I'm saying "until this morning" because just right
now I have sent an email to the list asking for help for problems related to
venet routing :)
Is out there any 'low level' documentation to understand how venet
internally works? I'd really appreciate to read something about that.
--
Marc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://openvz.org/pipermail/users/attachments/20100825/d9621ec1/attachment.html
More information about the Users
mailing list