Hi, On Tue, Aug 06, 2013 at 10:08:03AM -0500, Les Mikesell wrote: > On Tue, Aug 6, 2013 at 4:52 AM, David Sommerseth > <openvpn.l...@topphemmelig.net> wrote: > > > > * Learn about TCP/IP networking, read especially chapter 3.1 in this > > book: <http://www.redbooks.ibm.com/redbooks/pdfs/gg243376.pdf>. I'll > > repeat: You MUST know how network traffic travels between hosts and routers. > > Maybe, maybe not... Lots of people would be perfectly happy with a > bridged configuration - which isn't recommended because of performance > issues on large scales.
Which mostly isn't recommended because it's no easier than routed, it
just pretends to. After setting "basic bridged", people usually ask how
to connect another network behind the "bridged client" node, and then
you're fully back into routing land...
> And at least an equal number would be happy
> with the openvpn host doing NAT on its LAN interface.
Now that is why OpenVPN AS exists :-) - it does exactly this. Default
network is assigned to the tun interface (can be changed, but default
works), iptables NAT rules added automatically (can be turned off, but
on-by-default), stuff just works. Choices answered for you.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpSZENQ2eezE.pgp
Description: PGP signature
