Hellooo...,
I'm testing openVPN using 2 FreeBSD machines, I use
TAP interfaces to relay ethernet frames from the LAN where
the openVPN server sits down to my client at home.
The server has 2 interfaces, the outer which I use in --remote,
and the inner which is the LAN I want to access at home.
The problem that I'm experiencing is that I'm not able to ping
the inner interface of the server from home.
Is this something I should expect ? I mean,
Linux has the same problem ?
I'm wondering how this kind of encapsulation works, I think
(please correct me if I'm wrong) it should be like this:
1. The client's routing table decides that a packet must be sent
through its TAP interface.
2. The TAP interface is read by openVPN (read() from TAP?),
which encapsulates the ethernet frame in TCP/UDP
and sends it to the server.
3. The server desencapsulates the packet, and then inserts
the ethernet frame in the corresponding TAP device
(write() to TAP?)
Supposing the TAP and real-ethernet interface are bridged
on the server, what can be the reason I can not ping the
real-interface leg ?
I think that it might be caused because the ARP request is sent off
through the inner interface and the server doesn't realize
that he's got the answer, or in other words, the server doesn't listen
to its own ethernet broadcast packets ???
Does all this make sense ? Im quite lost :)
--
Sex without love is an empty experience, but, as empty experiences go,
it's one of the best.
-- Woody Allen
