It seems that I forgot to bring up br0. It still doesn't work, but now I can see that eth1 on computer A receives the traffic from a ping of a computer on the B side. It seems to me that eth1 doesn't send the traffic that it receives... Any idea what I forgot?

2011/5/7 Manuel Padrón <mpad...@citec-sl.com>:
> Hi Norman
>
> I've been trying to mount vtun but something is failing and I can't find it.
>
> This is my scheme:
>
> SiteA : part A of the network 192.168.4.0/24
>         |
> +-------o-------------------------------+
> |       |\port eth1 in promisc mode     |
> |       |                               |
> |       |-bridge br0                    |
> |       |                               |
> |       o-VTUN tap0 in promisc mode     |
> |                                       |
> |       /port eth0 public IP = 192.168.2.2 |
> +-------o-------------------------------+
>         |  computer A
>         |
> +-----------------------------------------
> |       \port eth1 192.168.2.1
> |
> |   Stupid router machine that I can't change
> |
> |       \port eth0 192.168.0.2
> +-----------------------------------------
>         |
>         |  computer B
> +-------o-------------------------------+
> |       \port eth0 public IP = 192.168.0.2 |
> |                                       |
> |       o-VTUN tap0 in promisc mode     |
> |       |                               |
> |       |-bridge br0                    |
> |       |                               |
> |       |/port eth1 in promisc mode     |
> +-------o-------------------------------+
>         |
> SiteB : part B of the network 192.168.4.0/24
>
> Computers A and B are Debian 5.0.
>
> The problem is that vtun establishes the connection but I think that the
> up part is not done (because there isn't br0, tap0 is down, and eth1
> still has an IP). So I did it manually.
>
> But I still have the same problem... machines in the network 192.168.4.0
> on both sides didn't see the other side.
>
> Looking at the eth1 stats, it is receiving everything (from the
> network) but it doesn't put it on tap0.
>
> Any idea?
>
> Thanks in advance
>
> 2011/5/5 Norman Molhant <n...@csur.ca>:
>> Hi Manuel!
>>
>>> I would like to know if it's possible to establish a bridge (of the same
>>> network in two different physical locations) over internet using vtun.
>>>
>>> Is it possible? Did someone do it?
>>
>> Yes. Fairly easy. A little drawing explains a lot, so, here goes:
>>
>> Two physical locations: SiteA and SiteB.
>>
>> SiteA : part A of the network x.y.x.0/24
>>         |
>> +-------o-------------------------------+
>> |       |\port eth0 in promisc mode     |
>> |       |                               |
>> |       |-bridge br0                    |
>> |       |                               |
>> |       o-VTUN tap0 in promisc mode     |
>> |                                       |
>> |       /port eth1 public IP = a.b.c.d  |
>> +-------o-------------------------------+
>>         |  computer A
>>         |
>>    the internet
>>         |
>>         |  computer B
>> +-------o-------------------------------+
>> |       \port eth1 public IP = e.f.g.h  |
>> |                                       |
>> |       o-VTUN tap0 in promisc mode     |
>> |       |                               |
>> |       |-bridge br0                    |
>> |       |                               |
>> |       |/port eth0 in promisc mode     |
>> +-------o-------------------------------+
>>         |
>> SiteB : part B of the network x.y.x.0/24
>>
>> The idea is quite simple:
>>
>> on SiteA, computer A has 2 ethernet ports:
>> - eth1 is connected (with public IP a.b.c.d) to the internet
>> - eth0 is connected (in promisc mode) to part A of the network
>>   x.y.x.0/24
>> - bridge br0 includes eth0 and the tap (tap0) created by VTUN
>>   in "ether" type, both with promisc=on
>> - computer A is configured as VTUN server
>>
>> on SiteB, computer B has 2 ethernet ports:
>> - eth1 is connected (with public IP e.f.g.h) to the internet
>> - eth0 is connected (in promisc mode) to part B of the network
>>   x.y.x.0/24
>> - bridge br0 includes eth0 and the tap (tap0) created by VTUN
>>   in "ether" type, both with promisc=on
>> - computer B is configured as VTUN client
>>
>> For VTUN configuration details, the VTUN docs are relatively
>> clear. Anyway, I manage Debian systems, so here come the
>> /etc/default/vtun and /etc/vtund.conf files for both sites:
>>
>> ---- SiteA ----
>>
>> #*** /etc/default/vtun
>>
>> # Defaults for vtun initscript sourced by /etc/init.d/vtun
>>
>> # Should the standalone server be started?
>> RUN_SERVER=yes
>> SERVER_ARGS="-P 5000"
>>
>> #*** /etc/vtund.conf
>>
>> # VTun - Virtual Tunnel over TCP/IP network.
>> # Copyright (C) 1998-2001 Maxim Krasnyansky <max...@yahoo.com>
>> #
>> # interface 0 is a tunnelled bridge br0
>> # interface 1 is a physical point-to-point link
>>
>> options {
>>   type stand;
>>   bindaddr {
>>     iface eth1;
>>   };
>> }
>>
>> default {
>>   type ether;
>>   # device tap; <<< this is always implied by "type ether", setting it causes problems
>>   proto udp;
>>   persist yes;
>>   keepalive yes;
>>   # compress lzo:1;
>>   compress no;
>>   encrypt no;
>>   stat no;
>>   speed 0;
>> }
>>
>> ### server-side tunnel BA between Client SiteB and Server SiteA (here)
>>
>> BA {
>>   passwd SomePassword;
>>   up {
>>     program /sbin/ip "link set up dev %%";
>>     program /sbin/ip "addr add 0.0.0.0/0 dev %%";
>>     program /usr/sbin/brctl "addif br0 %%";
>>   };
>>   down {
>>     program /usr/sbin/brctl "delif br0 %%";
>>   };
>> }
>>
>> ---- SiteB ----
>>
>> #*** /etc/default/vtun
>>
>> # Defaults for vtun initscript sourced by /etc/init.d/vtun
>>
>> # Should the standalone server be started?
>> RUN_SERVER=no
>>
>> # Client sessions to start.
>>
>> # Session name
>> CLIENT0_NAME=BA
>> # Destination host
>> CLIENT0_HOST=a.b.c.d
>> # Optional parameters
>> CLIENT0_ARGS="-P 5000"
>>
>> #*** /etc/vtund.conf
>>
>> #
>> # VTun - Virtual Tunnel over TCP/IP network.
>> # Copyright (C) 1998-2001 Maxim Krasnyansky <max...@yahoo.com>
>> #
>> # interface 0 is a tunnelled bridge br0
>> # interface 1 is a physical point-to-point link
>>
>> options {
>>   type stand;
>>   bindaddr {
>>     iface eth1;
>>   };
>> }
>>
>> default {
>>   type ether;
>>   # device tap; <<< this is always implied by "type ether", setting it causes problems
>>   proto udp;
>>   persist yes;
>>   keepalive yes;
>>   # compress lzo:1; <<< no compression during debugging, please!
>>   compress no;
>>   encrypt no;
>>   stat no;
>>   speed 0;
>> }
>>
>> ### client-side tunnel BA between Client SiteB (here) and Server SiteA
>>
>> BA {
>>   passwd SomePassword;
>>   up {
>>     program /sbin/ip "link set up dev %%";
>>     program /sbin/ip "addr add 0.0.0.0/0 dev %%";
>>     program /usr/sbin/brctl "addif br0 %%";
>>   };
>>   down {
>>     program /usr/sbin/brctl "delif br0 %%";
>>   };
>> }
>>
>> ---- that's about it ----
>>
>> So, good luck with VTUN, Manuel!
>>
>> By the way, here I use two independent VTUN tunnels (say: left-side and
>> right-side) on the same internet link between two sites, with computer A
>> acting as server for the left-side tunnel and client for the right-side
>> tunnel, while computer B acts as client for the left-side tunnel and
>> server for the right-side tunnels. Both computers sport two interfaces
>> for the local networks (one interface per network) plus one interface
>> for the internet connection. Works great!
>>
>> Bye!
>> Norman. sysad...@csur.ca
>
> --
> Manuel Padrón Martínez
> Network and Systems Administrator
> CITEC
> Centro Canario de Tratamiento de la Información, S.L.
> C/ Viera y Clavijo 34, 5ª Planta - 35002 - Las Palmas de Gran Canaria - España
> Tel.: +34 928 939 411 Fax: +34 928 939 343 email: mpad...@citec-sl.com

--
Manuel Padrón Martínez
Network and Systems Administrator
CITEC

_______________________________________________
Vtun-Users mailing list
Vtun-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/vtun-users
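
A read-only check for the state the thread's `up` block depends on (br0 exists and is up, and both eth1 and tap0 are ports of it and up), added here as an example and not part of either poster's message. The names `check_bridge`, `is_up` and `SYSFS_NET` are made up for the example, and it assumes the Linux sysfs layout under /sys/class/net.

```shell
#!/bin/sh
# Added example, not from the thread. Reads sysfs only; changes nothing.
# On computer A of the thread one would call: check_bridge br0 eth1 tap0

# Assumption: overridable root so the check can be pointed at a test tree.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# is_up IFACE: succeeds if IFF_UP (bit 0x1) is set in the interface flags.
is_up() {
    flags=$(cat "$SYSFS_NET/$1/flags" 2>/dev/null) || return 1
    [ $(( $flags & 1 )) -eq 1 ]
}

# check_bridge BRIDGE PORT...: returns the number of problems found.
check_bridge() {
    bridge=$1; shift
    problems=0
    # A bridge device has a "bridge" directory; a missing br0 makes the
    # "brctl addif br0 %%" line in the vtund.conf up block fail.
    if [ ! -d "$SYSFS_NET/$bridge/bridge" ]; then
        echo "FAIL: $bridge does not exist or is not a bridge"
        return 1
    fi
    if ! is_up "$bridge"; then
        echo "FAIL: $bridge is down"
        problems=$((problems + 1))
    fi
    for port in "$@"; do
        if [ ! -e "$SYSFS_NET/$bridge/brif/$port" ]; then
            echo "FAIL: $port is not a port of $bridge"
            problems=$((problems + 1))
        elif ! is_up "$port"; then
            echo "FAIL: $port is a port of $bridge but is down"
            problems=$((problems + 1))
        fi
    done
    if [ "$problems" -eq 0 ]; then
        echo "OK: $bridge is up with ports: $*"
    fi
    return "$problems"
}
```
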