LinuxQuestions.org
12-10-2007, 08:57 AM   #1
deadeyes
OpenVPN point-to-point address question


Ok, I think my setup works because I can ping both sides (I think). (If I ping from the server to 192.168.100.6 I get a reply, and if I ping from the client to 192.168.100.1 I also get a reply.)

But there is something confusing in the output of ifconfig on client and server. As you can see below, on both hosts, I have different IP addresses for the point-to-point.
I wonder why the client uses 192.168.100.6=>192.168.100.5 while the server is using other IP addresses (192.168.100.1=>192.168.100.2).

Why are these different? Or am I doing something wrong?

Thanks in advance!


Ifconfig vpn server:
Code:
eth0      Link encap:Ethernet  HWaddr xx:xx:xx:xx:xx:xx  
          inet addr:10.0.0.21  Bcast:10.0.0.255  Mask:255.255.255.0
          inet6 addr: xxxx::xxx:xxxx:xxxx:xxxx/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5888 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3430 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:7581663 (7.2 MiB)  TX bytes:291627 (284.7 KiB)
          Interrupt:10 Base address:0xc100 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1232 (1.2 KiB)  TX bytes:1232 (1.2 KiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:192.168.100.1  P-t-P:192.168.100.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Ifconfig vpn client:
Code:
eth0      Link encap:Ethernet  HWaddr xx:xx:xx:xx:xx:xx  
          inet addr:10.0.0.22  Bcast:10.0.0.255  Mask:255.255.255.0
          inet6 addr: xxxx::xxx:xxxx:xxxx:xxxx/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5988 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4161 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:7595595 (7.2 MiB)  TX bytes:400998 (391.5 KiB)
          Interrupt:10 Base address:0xc100 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:17 errors:0 dropped:0 overruns:0 frame:0
          TX packets:17 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1344 (1.3 KiB)  TX bytes:1344 (1.3 KiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:192.168.100.6  P-t-P:192.168.100.5  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

These are my configs:

Server.conf
Code:
dev tun
mode server

tls-server
tls-auth keys/ta.key 0
dh keys/dh1024.pem
ca keys/ca.crt
cert keys/server.crt
key keys/server.key
duplicate-cn

server 192.168.100.0 255.255.255.0
ifconfig-pool-persist ipp.txt

up ./server.up
push "redirect-gateway def1"

user nobody
group nobody

ping 15
verb 3
log-append /var/log/openvpn/openvpn.log
status /var/log/openvpn/status.log

Client.conf
Code:
dev tun

remote x.x.x.x

tls-client
tls-auth keys/ta.key 1
ca keys/ca.crt
cert keys/client1.crt
key keys/client1.key

pull

port 1194
user nobody
group nobody

ping 15
verb 3
log-append /var/log/openvpn/openvpn.log
status /var/log/openvpn/status.log
 
12-11-2007, 11:09 AM   #2
ledow
That's just normal.

I have exactly the same here and I've been using OpenVPN for ages.

From the client side, .5 is the server and from the server side .2 is the client. All the other numbers are just routed at either end, so the server knows to contact .2 when it needs to talk to anything past .5 and the client knows that it's both .5 and .6.

It comes about because OpenVPN is routing networks, not just individual IP addresses. The "gateway" for each network is the PtP address that you get, even if there's only one client on that particular virtual network.

It also lets you do clever tricks like bridging separated networks as if they were one and also stopping (or allowing) one client connected over OpenVPN to see other clients connected over OpenVPN.

It's possible, for example, to form an ad-hoc secure network over several disparate locations by having one OpenVPN client on each network and a server somewhere and have all the relevant computers "see" each other as if they were local. When it comes to this sort of situation, you're better off letting OpenVPN do the numbering for you because it quickly becomes a nightmare and "standard" DHCP doesn't help matters at all. That's what's happened here.
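
The address pairs in this thread match OpenVPN's net30 topology, in which `server 192.168.100.0 255.255.255.0` with `dev tun` gives the server the first /30 and each client a /30 of its own. The sketch below is an added example, not part of the original posts: it checks the two tun0 lines from the thread against that layout. The function names are hypothetical, and net30 is assumed.

```python
import ipaddress
import re

# tun0 address lines copied from the two ifconfig outputs in the thread.
SERVER_TUN0 = "inet addr:192.168.100.1  P-t-P:192.168.100.2  Mask:255.255.255.255"
CLIENT_TUN0 = "inet addr:192.168.100.6  P-t-P:192.168.100.5  Mask:255.255.255.255"


def parse_ptp(line):
    """Return (local, peer) from an ifconfig point-to-point address line."""
    m = re.search(r"inet addr:(\S+)\s+P-t-P:(\S+)", line)
    if m is None:
        raise ValueError("not a point-to-point address line")
    return ipaddress.ip_address(m.group(1)), ipaddress.ip_address(m.group(2))


def client_pair(n, network, netmask):
    """(local, peer) that the n-th client /30 (1-based) receives under net30."""
    base = ipaddress.ip_network(f"{network}/{netmask}").network_address + 4 * n
    return base + 2, base + 1


def classify_net30(local, peer, network, netmask):
    """Place a (local, peer) pair in the net30 layout of `server network netmask`.

    Returns ("server", 0) for the server's own pair, ("client", n) for the
    n-th client /30, or None when the pair does not fit the layout.
    """
    pool = ipaddress.ip_network(f"{network}/{netmask}")
    if local not in pool or peer not in pool:
        return None
    block = ipaddress.ip_network(f"{local}/30", strict=False)
    if peer not in block:
        return None
    index = (int(block.network_address) - int(pool.network_address)) // 4
    if index == 0:
        # Server: local is the first usable address, peer is the second.
        expected = (pool.network_address + 1, pool.network_address + 2)
        return ("server", 0) if (local, peer) == expected else None
    if block.broadcast_address == pool.broadcast_address:
        return None  # the last /30 lies outside the pool that `server` hands out
    # Client: local is the second usable address of its /30, peer is the first.
    expected = client_pair(index, network, netmask)
    return ("client", index) if (local, peer) == expected else None


if __name__ == "__main__":
    for name, line in (("server", SERVER_TUN0), ("client", CLIENT_TUN0)):
        print(name, classify_net30(*parse_ptp(line), "192.168.100.0", "255.255.255.0"))
```

A pair that returns None here (for example a client showing its addresses in the reverse order) would be worth comparing against the `topology` setting actually in use on the server.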
 
  

