Hi Norman,

I've been trying to mount vtun but something is failing and I can't find it.
This is my scheme:

SiteA : part A of the network 192.168.4.0/24
        |
+-------o-------------------------------+
|       |\port eth1 in promisc mode     |
|       |                               |
|       |-bridge br0                    |
|       |                               |
|       o-VTUN tap0 in promisc mode     |
|                                       |
|       /port eth0 public IP = 192.168.2.2 |
+-------o-------------------------------+
        |  computer A
        |
+-----------------------------------------
|       \port eth1 192.168.2.1
|
|  Stupid router machine that I can't change
|
|       \port eth0 192.168.0.2
+-----------------------------------------
        |
        |  computer B
+-------o-------------------------------+
|       \port eth0 public IP = 192.168.0.2 |
|                                       |
|       o-VTUN tap0 in promisc mode     |
|       |                               |
|       |-bridge br0                    |
|       |                               |
|       |/port eth1 in promisc mode     |
+-------o-------------------------------+
        |
SiteB : part B of the network 192.168.4.0/24

Computer A and B are Debian 5.0.

The problem is that vtun establishes the connection but I think that the up part is not done (because there isn't br0, tap0 is down, and eth1 still has an IP).
So I did it manually, but I still have the same problem... machines in the network 192.168.4.0 on both sides didn't see the other side.
Looking at the eth1 stats information, it is receiving everything (from the network) but it doesn't put it on tap0.

Any idea?
Thanks in advance

2011/5/5 Norman Molhant <n...@csur.ca>:
> Hi Manuel!
>
>> I would like to know if it's possible to establish a bridge (of the same
>> network in two different physical locations) over internet using vtun.
>>
>> Is it possible? Did someone do it?
>
> Yes. Fairly easy. A little drawing explains a lot, so, here goes:
>
> Two physical locations: SiteA and SiteB.
>
> SiteA : part A of the network x.y.x.0/24
>         |
> +-------o-------------------------------+
> |       |\port eth0 in promisc mode     |
> |       |                               |
> |       |-bridge br0                    |
> |       |                               |
> |       o-VTUN tap0 in promisc mode     |
> |                                       |
> |       /port eth1 public IP = a.b.c.d  |
> +-------o-------------------------------+
>         |  computer A
>         |
>    the internet
>         |
>         |  computer B
> +-------o-------------------------------+
> |       \port eth1 public IP = e.f.g.h  |
> |                                       |
> |       o-VTUN tap0 in promisc mode     |
> |       |                               |
> |       |-bridge br0                    |
> |       |                               |
> |       |/port eth0 in promisc mode     |
> +-------o-------------------------------+
>         |
> SiteB : part B of the network x.y.x.0/24
>
> The idea is quite simple:
>
> on SiteA, computer A has 2 ethernet ports:
> - eth1 is connected (with public IP a.b.c.d) to the internet
> - eth0 is connected (in promisc mode) to part A of the network
>   x.y.x.0/24
> - bridge br0 includes eth0 and the tap (tap0) created by VTUN
>   in "ether" type, both with promisc=on
> - computer A is configured as VTUN server
>
> on SiteB, computer B has 2 ethernet ports:
> - eth1 is connected (with public IP e.f.g.h) to the internet
> - eth0 is connected (in promisc mode) to part B of the network
>   x.y.x.0/24
> - bridge br0 includes eth0 and the tap (tap0) created by VTUN
>   in "ether" type, both with promisc=on
> - computer B is configured as VTUN client
>
> For VTUN configuration details, the VTUN docs are relatively
> clear. Anyway, I manage Debian systems, so here come the
> /etc/default/vtun and /etc/vtund.conf files for both sites:
>
> ---- SiteA ----
>
> #*** /etc/default/vtun
>
> # Defaults for vtun initscript sourced by /etc/init.d/vtun
>
> # Should the standalone server be started?
> RUN_SERVER=yes
> SERVER_ARGS="-P 5000"
>
> #*** /etc/vtund.conf
>
> # VTun - Virtual Tunnel over TCP/IP network.
> # Copyright (C) 1998-2001 Maxim Krasnyansky <max...@yahoo.com>
> #
> # interface 0 is a tunnelled bridge br0
> # interface 1 is a physical point-to-point link
>
> options {
>   type stand;
>   bindaddr {
>     iface eth1;
>   };
> }
>
> default {
>   type ether;
>   # device tap; <<< this is always implied by "type ether", setting it causes problems
>   proto udp;
>   persist yes;
>   keepalive yes;
>   # compress lzo:1;
>   compress no;
>   encrypt no;
>   stat no;
>   speed 0;
> }
>
> ### server-side tunnel BA between Client SiteB and Server SiteA (here)
>
> BA {
>   passwd SomePassword;
>   up {
>     program /sbin/ip "link set up dev %%";
>     program /sbin/ip "addr add 0.0.0.0/0 dev %%";
>     program /usr/sbin/brctl "addif br0 %%";
>   };
>   down {
>     program /usr/sbin/brctl "delif br0 %%";
>   };
> }
>
> ---- SiteB ----
>
> #*** /etc/default/vtun
>
> # Defaults for vtun initscript sourced by /etc/init.d/vtun
>
> # Should the standalone server be started?
> RUN_SERVER=no
>
> # Client sessions to start.
>
> # Session name
> CLIENT0_NAME=BA
> # Destination host
> CLIENT0_HOST=a.b.c.d
> # Optional parameters
> CLIENT0_ARGS="-P 5000"
>
> #*** /etc/vtund.conf
>
> #
> # VTun - Virtual Tunnel over TCP/IP network.
> # Copyright (C) 1998-2001 Maxim Krasnyansky <max...@yahoo.com>
> #
> # interface 0 is a tunnelled bridge br0
> # interface 1 is a physical point-to-point link
>
> options {
>   type stand;
>   bindaddr {
>     iface eth1;
>   };
> }
>
> default {
>   type ether;
>   # device tap; <<< this is always implied by "type ether", setting it causes problems
>   proto udp;
>   persist yes;
>   keepalive yes;
>   # compress lzo:1; <<< no compression during debugging, please!
>   compress no;
>   encrypt no;
>   stat no;
>   speed 0;
> }
>
> ### client-side tunnel BA between Client SiteB (here) and Server SiteA
>
> BA {
>   passwd SomePassword;
>   up {
>     program /sbin/ip "link set up dev %%";
>     program /sbin/ip "addr add 0.0.0.0/0 dev %%";
>     program /usr/sbin/brctl "addif br0 %%";
>   };
>   down {
>     program /usr/sbin/brctl "delif br0 %%";
>   };
> }
>
> ---- that's about it ----
>
> So, good luck with VTUN, Manuel!
>
> By the way, here I use two independent VTUN tunnels (say: left-side and
> right-side) on the same internet link between two sites, with computer A
> acting as server for the left-side tunnel and client for the right-side
> tunnel, while computer B acts as client for the left-side tunnel and
> server for the right-side tunnels. Both computers sport two interfaces
> for the local networks (one interface per network) plus one interface
> for the internet connection. Works great!
>
> Bye!
> Norman. sysad...@csur.ca
>

--
Manuel Padrón Martínez
Network and Systems Administrator
CITEC
Centro Canario de Tratamiento de la Información, S.L.
C/ Viera y Clavijo 34, 5ª Planta - 35002 - Las Palmas de Gran Canaria - Spain
Tel.: +34 928 939 411  Fax: +34 928 939 343
email: mpad...@citec-sl.com
_______________________________________________
Vtun-Users mailing list
Vtun-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/vtun-users
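
An added example, not part of the original thread or of VTun: a small Python check over the vtund.conf quoted above. It reports two things visible in that file: the `default` section sets `encrypt no` for a tunnel that crosses the internet, and the `up` block runs `brctl addif br0 %%` without any `addbr`, so br0 has to exist before the session starts. `top_level_blocks`, `lint` and `SAMPLE_CONF` are names made up for this example, and the sample is a trimmed copy of the SiteA file.

```python
import re

# Constructed sample: the SiteA vtund.conf from the thread, trimmed.
SAMPLE_CONF = """
options { type stand; bindaddr { iface eth1; }; }
default { type ether; proto udp; compress no; encrypt no; }
BA {
  passwd SomePassword;
  up {
    program /sbin/ip "link set up dev %%";
    program /usr/sbin/brctl "addif br0 %%";
  };
  down { program /usr/sbin/brctl "delif br0 %%"; };
}
"""

def top_level_blocks(text):
    """Yield (name, body) per top-level section (assumes no '#' inside strings)."""
    text = "\n".join(line.split("#", 1)[0] for line in text.splitlines())
    pos = 0
    while (m := re.compile(r"([\w.-]+)\s*\{").search(text, pos)):
        depth, i = 1, m.end()
        while i < len(text) and depth:      # walk to the matching brace
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]
        pos = i

def lint(conf):
    """Return (session, issue) pairs for the two checks named in the lead-in."""
    blocks, findings = dict(top_level_blocks(conf)), []
    for name, body in blocks.items():
        if name in ("options", "default"):
            continue
        # A session's own 'encrypt' wins over the one in 'default'.
        enc = (re.findall(r"\bencrypt\s+(\w+)", body)
               or re.findall(r"\bencrypt\s+(\w+)", blocks.get("default", "")))
        if enc and enc[-1] == "no":
            findings.append((name, "encrypt no: tunnel traffic is not encrypted"))
        up = re.search(r"\bup\s*\{(.*?)\}\s*;", body, re.S)
        cmds = up.group(1) if up else ""
        created = set(re.findall(r"\baddbr\s+([\w.-]+)", cmds))
        for bridge in re.findall(r"\baddif\s+([\w.-]+)", cmds):
            if bridge not in created:
                findings.append((name, f"up adds %% to {bridge} but never creates it"))
    return findings

if __name__ == "__main__":
    print(lint(SAMPLE_CONF))
```
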