Init Script dependencies (Was [gentoo-user] openvpn and nfsmount)
Hello again! Nevertheless I've used this many times before, and although realtime performance isn't especially good, I certainly wouldn't go so far as to call it unstable. I've used OpenVPN to interconnect workstations and servers in Argentina, using all from Cable internet to ADSL, and GPRS modems. It rocks. I also never experienced any stability problems with OpenVPN. And NFS, well, it's NFS. I don't love it, but I've used NFS exports from a 14.k modem... So... maybe he is having internet issues, router issues, firewall issues, compilation issues... but OpenVPN and NFS, given a relatively good network environment, work more than OK. NFS works great for me, too. I don't see why I should not use it. But going back to the original topic, which was not really about the pros and cons of OpenVPN and NFS. (Maybe I should have chosen another subject.) How can I adjust init script dependencies based on ESSID / IP adress or network devices that are up and running? Thanks in advance Patrick signature.asc Description: This is a digitally signed message part.
Re: Init Script dependencies (Was [gentoo-user] openvpn and nfsmount)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Patrick Holthaus wrote: How can I adjust init script dependencies based on ESSID / IP adress or network devices that are up and running? I'd just remove the stock, for example, /etc/init.d/openvpn script. Write my own, (one that checks ESSID/IP and acts accordingly). Why? Well, I guess dynamic run-time dependencies are not something Gentoo can provide right away. That's why when you modify an init.d script dependencies are analyzed and re-built. - -- Arturo Buanzo Busleiman - Consultor Independiente en Seguridad Informatica Servicios Ofrecidos: http://www.buanzo.com.ar/pro/ Unase a los Foros GNU/Buanzo - La palabra Comunidad en su maxima expresion. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG1q3mAlpOsGhXcE0RChHvAJ9bQh3plnI6UHzECrsB01LEbljGvACeI6ra 8D3ckr+odKHP2EpvfNlKaCE= =sL4l -END PGP SIGNATURE- -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] openvpn and nfsmount
And NFS, well, it's NFS. I don't love it, but I've used NFS exports from a 14.k modem... So... maybe he is having internet issues, router issues, firewall issues, compilation issues... but OpenVPN and NFS, given a relatively good network environment, work more than OK. I would still use tcp rather than UDP for NFS if I was going to mount it over a slow network. I did some benchmarks for my wireless and wired network and TCP clearly beats UDP on files over 1MB. I know the wireless limitations have something to do with it as well, but it's my $0.02.
Re: [gentoo-user] openvpn and nfsmount
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Eric Martin wrote: I would still use tcp rather than UDP for NFS if I was going to mount it over a slow network. I did some benchmarks for my wireless and wired network and TCP clearly beats UDP on files over 1MB. I know the wireless limitations have something to do with it as well, but it's my $0.02. OpenVPN transports over UDP (or TCP, but it's not recommended, there is a paper about TCP encapsulation over TCP). - -- Arturo Buanzo Busleiman - Consultor Independiente en Seguridad Informatica Servicios Ofrecidos: http://www.buanzo.com.ar/pro/ Unase a los Foros GNU/Buanzo - La palabra Comunidad en su maxima expresion. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG1zPjAlpOsGhXcE0RCgdAAJ9CaBk4jBemiI6zzVbTBq2l7csgfwCfbxrn CI2KgpQ3gBBRW6Ghb1MLVYQ= =2OkK -END PGP SIGNATURE- -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] openvpn and nfsmount
It isn't good idea to mount nfs over openvpn. Both are highly unstable. You should try openssh and it's simple tunnel and ftp over it or any other networked file system. If you really need to use nfs set it to use tcp. -- Morpheus: No, what happened, happened and couldn't have happened any other way. On Tue, 28 Aug 2007, Patrick Holthaus wrote: Hello! I am having difficulties in setting up nfs with my laptop. I have an openvpn server running at home that can be reached via dynamic dns from the outside world. Now i would like to mount my nfs exports from everywhere I am. These exports are only available in the vpn subnet (10.8.0.*). There are basically three scenarios (all via net.wlan0): 1. Home: - Direct connection to the openvpn server with a static private IP adress (192.168.1.xxx) - ESSID is fixed (e.g. home) - The openvpn service can be started via /etc/init.d/openvpn.home start (it is properly configured via /etc/openvpn/home.conf - After that net.tap0 can be started and gets an ip adress inside the vpn (e.g. 10.8.0.100) if i have the following in /etc/conf.d/net: config_tap0=( dhcp ) mac_tap0=00:FF:22:33:44:55 RC_NEED_tap0=openvpn.home 2. Remote: - Connection via internet - This time the openvpn service has to be started via /etc/init.d/openvpn.remote start (because the config for that resides in /etc/openvpn/remote.conf) - You see that i have to change a line in /etc/conf.d/net to get things to work: config_tap0=( dhcp ) mac_tap0=00:FF:22:33:44:55 RC_NEED_tap0=openvpn.remote Question is: Can I avoid changing these lines everytime I travel around? 3. Remote via vpnc: - Connection via internet (so openvpn.remote has to be used) - ESSID fixed (e.g. unibi) - Additionally: The vpnc service (/etc/init.d/vpnc.uni) has to be active Second question: Can I start the vpnc service by knowing the ESSID of my wireless network, and if I can: how? Thanks for your time Patrick -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] openvpn and nfsmount
On Wed, 29 Aug 2007 21:18:47 +0200 (CEST) Cipher van Byte [EMAIL PROTECTED] wrote: It isn't good idea to mount nfs over openvpn. Both are highly unstable. Openvpn is highly unstable? really? mine's been up for days. NFS is highly unstable? Hardly. Perhaps you mean that it's unstable over openvpn, especially with UDP whose retransmission for slow links like the internet isn't optimal. Nevertheless I've used this many times before, and although realtime performance isn't especially good, I certainly wouldn't go so far as to call it unstable. Any feedback? -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] openvpn and nfsmount
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Dan Farrell wrote: Nevertheless I've used this many times before, and although realtime performance isn't especially good, I certainly wouldn't go so far as to call it unstable. I've used OpenVPN to interconnect workstations and servers in Argentina, using all from Cable internet to ADSL, and GPRS modems. It rocks. And NFS, well, it's NFS. I don't love it, but I've used NFS exports from a 14.k modem... So... maybe he is having internet issues, router issues, firewall issues, compilation issues... but OpenVPN and NFS, given a relatively good network environment, work more than OK. - -- Arturo Buanzo Busleiman - Consultor Independiente en Seguridad Informatica Servicios Ofrecidos: http://www.buanzo.com.ar/pro/ Unase a los Foros GNU/Buanzo - La palabra Comunidad en su maxima expresion. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG1hMeAlpOsGhXcE0RCgK2AJ9XX9CccDDyoLAv7Qdv1VCiGeEt4ACfbFLV xCbgUiIH5vrEEs4nyh8bW3w= =MHR/ -END PGP SIGNATURE- -- [EMAIL PROTECTED] mailing list
[gentoo-user] openvpn and nfsmount
Hello! I am having difficulties in setting up nfs with my laptop. I have an openvpn server running at home that can be reached via dynamic dns from the outside world. Now i would like to mount my nfs exports from everywhere I am. These exports are only available in the vpn subnet (10.8.0.*). There are basically three scenarios (all via net.wlan0): 1. Home: - Direct connection to the openvpn server with a static private IP adress (192.168.1.xxx) - ESSID is fixed (e.g. home) - The openvpn service can be started via /etc/init.d/openvpn.home start (it is properly configured via /etc/openvpn/home.conf - After that net.tap0 can be started and gets an ip adress inside the vpn (e.g. 10.8.0.100) if i have the following in /etc/conf.d/net: config_tap0=( dhcp ) mac_tap0=00:FF:22:33:44:55 RC_NEED_tap0=openvpn.home 2. Remote: - Connection via internet - This time the openvpn service has to be started via /etc/init.d/openvpn.remote start (because the config for that resides in /etc/openvpn/remote.conf) - You see that i have to change a line in /etc/conf.d/net to get things to work: config_tap0=( dhcp ) mac_tap0=00:FF:22:33:44:55 RC_NEED_tap0=openvpn.remote Question is: Can I avoid changing these lines everytime I travel around? 3. Remote via vpnc: - Connection via internet (so openvpn.remote has to be used) - ESSID fixed (e.g. unibi) - Additionally: The vpnc service (/etc/init.d/vpnc.uni) has to be active Second question: Can I start the vpnc service by knowing the ESSID of my wireless network, and if I can: how? Thanks for your time Patrick signature.asc Description: This is a digitally signed message part.