Ok, I got even more detail. I can see that Site A receives the ARP packet from the ping of Site B. Even the Site B machine answers it with an ARP reply, but Computer B didn't get the ARP reply (even having eth1 in promisc mode).

Any idea?

2011/5/7 Manuel Padrón <mpad...@citec-sl.com>:
> It seems that I forgot to bring up br0. It still doesn't work, but now I can
> see that eth1 from computer A receives the traffic from a ping of a
> computer on the B side. It seems to me something like eth1 doesn't send
> the traffic that it receives.... Any idea what I forgot?
>
>
> 2011/5/7 Manuel Padrón <mpad...@citec-sl.com>:
>> Hi Norman
>>
>> I've been trying to mount vtun but something is failing and I can't find
>> it.
>>
>> This is my scheme
>>
>> SiteA : part A of the network 192.168.4.0/24
>>         |
>> +-------o-------------------------------+
>> |       |\port eth1 in promisc mode     |
>> |       |                               |
>> |       |-bridge br0                    |
>> |       |                               |
>> |       o-VTUN tap0 in promisc mode     |
>> |                                       |
>> |       /port eth0 public IP = 192.168.2.2 |
>> +-------o-------------------------------+
>>         |       computer A
>>         |
>> +-----------------------------------------
>> |       \port eth1 192.168.2.1
>> |
>> |       Stupid router machine that I can't change
>> |
>> |       \port eth0 192.168.0.2
>> +-----------------------------------------
>>         |
>>         |       computer B
>> +-------o-------------------------------+
>> |       \port eth0 public IP = 192.168.0.2 |
>> |                                       |
>> |       o-VTUN tap0 in promisc mode     |
>> |       |                               |
>> |       |-bridge br0                    |
>> |       |                               |
>> |       |/port eth1 in promisc mode     |
>> +-------o-------------------------------+
>>         |
>> SiteB : part B of the network 192.168.4.0/24
>>
>>
>> Computer A and B are Debian 5.0
>>
>>
>> The problem is that vtun establishes the connection but I think that the
>> up part is not done (because there isn't br0, tap0 is down, and eth1
>> still has an IP). So I did it manually.
>>
>> But I still have the same problem... machines in the network 192.168.4.0
>> on both sides didn't see the other side.
>>
>> Looking at the eth1 stats information, it is receiving everything (from the
>> network) but it doesn't put it on tap0.
>>
>> Any idea?
>>
>>
>> Thanks in advance
>>
>>
>> 2011/5/5 Norman Molhant <n...@csur.ca>:
>>> Hi Manuel!
>>>
>>>> I would like to know if it's possible to establish a bridge (of the same
>>>> network in two different physical locations) over the internet using vtun.
>>>>
>>>> Is it possible? Has someone done it?
>>>
>>> Yes. Fairly easy. A little drawing explains a lot, so, here goes:
>>>
>>> Two physical locations: SiteA and SiteB.
>>>
>>> SiteA : part A of the network x.y.x.0/24
>>>         |
>>> +-------o-------------------------------+
>>> |       |\port eth0 in promisc mode     |
>>> |       |                               |
>>> |       |-bridge br0                    |
>>> |       |                               |
>>> |       o-VTUN tap0 in promisc mode     |
>>> |                                       |
>>> |       /port eth1 public IP = a.b.c.d  |
>>> +-------o-------------------------------+
>>>         |       computer A
>>>         |
>>>    the internet
>>>         |
>>>         |       computer B
>>> +-------o-------------------------------+
>>> |       \port eth1 public IP = e.f.g.h  |
>>> |                                       |
>>> |       o-VTUN tap0 in promisc mode     |
>>> |       |                               |
>>> |       |-bridge br0                    |
>>> |       |                               |
>>> |       |/port eth0 in promisc mode     |
>>> +-------o-------------------------------+
>>>         |
>>> SiteB : part B of the network x.y.x.0/24
>>>
>>> The idea is quite simple:
>>>
>>> on SiteA, computer A has 2 ethernet ports:
>>>   - eth1 is connected (with public IP a.b.c.d) to the internet
>>>   - eth0 is connected (in promisc mode) to part A of the network
>>>     x.y.x.0/24
>>>   - bridge br0 includes eth0 and the tap (tap0) created by VTUN
>>>     in "ether" type, both with promisc=on
>>>   - computer A is configured as VTUN server
>>>
>>> on SiteB, computer B has 2 ethernet ports:
>>>   - eth1 is connected (with public IP e.f.g.h) to the internet
>>>   - eth0 is connected (in promisc mode) to part B of the network
>>>     x.y.x.0/24
>>>   - bridge br0 includes eth0 and the tap (tap0) created by VTUN
>>>     in "ether" type, both with promisc=on
>>>   - computer B is configured as VTUN client
>>>
>>> For VTUN configuration details, the VTUN docs are relatively
>>> clear.
>>> Anyway, I manage Debian systems, so here come the
>>> /etc/default/vtun and /etc/vtund.conf files for both sites:
>>>
>>> ---- SiteA ----
>>>
>>> #*** /etc/default/vtun
>>>
>>> # Defaults for vtun initscript sourced by /etc/init.d/vtun
>>>
>>> # Should the standalone server be started?
>>> RUN_SERVER=yes
>>> SERVER_ARGS="-P 5000"
>>>
>>> #*** /etc/vtund.conf
>>>
>>> # VTun - Virtual Tunnel over TCP/IP network.
>>> # Copyright (C) 1998-2001 Maxim Krasnyansky <max...@yahoo.com>
>>> #
>>> # interface 0 is a tunnelled bridge br0
>>> # interface 1 is a physical point-to-point link
>>>
>>> options {
>>>   type stand;
>>>   bindaddr {
>>>     iface eth1;
>>>   };
>>> }
>>>
>>> default {
>>>   type ether;
>>>   # device tap; <<< this is always implied by "type ether", setting it causes problems
>>>   proto udp;
>>>   persist yes;
>>>   keepalive yes;
>>>   # compress lzo:1;
>>>   compress no;
>>>   encrypt no;
>>>   stat no;
>>>   speed 0;
>>> }
>>>
>>> ### server-side tunnel BA between Client SiteB and Server SiteA (here)
>>>
>>> BA {
>>>   passwd SomePassword;
>>>   up {
>>>     program /sbin/ip "link set up dev %%";
>>>     program /sbin/ip "addr add 0.0.0.0/0 dev %%";
>>>     program /usr/sbin/brctl "addif br0 %%";
>>>   };
>>>   down {
>>>     program /usr/sbin/brctl "delif br0 %%";
>>>   };
>>> }
>>>
>>> ---- SiteB ----
>>>
>>> #*** /etc/default/vtun
>>>
>>> # Defaults for vtun initscript sourced by /etc/init.d/vtun
>>>
>>> # Should the standalone server be started?
>>> RUN_SERVER=no
>>>
>>> # Client sessions to start.
>>>
>>> # Session name
>>> CLIENT0_NAME=BA
>>> # Destination host
>>> CLIENT0_HOST=a.b.c.d
>>> # Optional parameters
>>> CLIENT0_ARGS="-P 5000"
>>>
>>> #*** /etc/vtund.conf
>>>
>>> #
>>> # VTun - Virtual Tunnel over TCP/IP network.
>>> # Copyright (C) 1998-2001 Maxim Krasnyansky <max...@yahoo.com>
>>> #
>>> # interface 0 is a tunnelled bridge br0
>>> # interface 1 is a physical point-to-point link
>>>
>>> options {
>>>   type stand;
>>>   bindaddr {
>>>     iface eth1;
>>>   };
>>> }
>>>
>>> default {
>>>   type ether;
>>>   # device tap; <<< this is always implied by "type ether", setting it causes problems
>>>   proto udp;
>>>   persist yes;
>>>   keepalive yes;
>>>   # compress lzo:1; <<< no compression during debugging, please!
>>>   compress no;
>>>   encrypt no;
>>>   stat no;
>>>   speed 0;
>>> }
>>>
>>> ### client-side tunnel BA between Client SiteB (here) and Server SiteA
>>>
>>> BA {
>>>   passwd SomePassword;
>>>   up {
>>>     program /sbin/ip "link set up dev %%";
>>>     program /sbin/ip "addr add 0.0.0.0/0 dev %%";
>>>     program /usr/sbin/brctl "addif br0 %%";
>>>   };
>>>   down {
>>>     program /usr/sbin/brctl "delif br0 %%";
>>>   };
>>> }
>>>
>>> ---- that's about it ----
>>>
>>> So, good luck with VTUN, Manuel!
>>>
>>> By the way, here I use two independent VTUN tunnels (say: left-side and
>>> right-side) on the same internet link between two sites, with computer A
>>> acting as server for the left-side tunnel and client for the right-side
>>> tunnel, while computer B acts as client for the left-side tunnel and
>>> server for the right-side tunnels. Both computers sport two interfaces
>>> for the local networks (one interface per network) plus one interface
>>> for the internet connection. Works great!
>>>
>>> Bye!
>>> Norman. sysad...@csur.ca
>>>
>>
>> --
>>
>> Manuel Padrón Martínez
>> Network and Systems Administrator
>> ............................................................
>> CITEC
>> Centro Canario de Tratamiento de la Información, S.L.
>> C/ Viera y Clavijo 34, 5ª Planta - 35002 - Las Palmas de Gran Canaria - España
>> Tel.: +34 928 939 411 Fax: +34 928 939 343 email: mpad...@citec-sl.com
>> ............................................................
>> This message and any file attached to it are confidential and
>> concern exclusively the persons to whom it is addressed. If you
>> are not the intended recipient of this message, be advised that you
>> have received it in error and that any use, dissemination or copying is
>> strictly prohibited; please report this fact
>> to the sender's e-mail address. You are also
>> advised that all personal information contained in this message is
>> protected by Law 15/1999 of 13 December on the
>> protection of personal data, and that its use and/or processing,
>> as well as its transfer to third parties outside the provisions
>> of that data protection law and its implementing regulations,
>> is strictly prohibited.
>>
>

--
Manuel Padrón Martínez
Network and Systems Administrator
CITEC

_______________________________________________
Vtun-Users mailing list
Vtun-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/vtun-users
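
The state checks done by hand in this thread (br0 present, eth1 and tap0 up and attached to br0, no IP left on the bridged ports), as an added shell example that is not part of the original messages. It assumes modern iproute2 `ip -o` output with a `master` field; the function names, the sample text and the 192.168.4.1 address on eth1 are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): audit the state checked by hand above:
# bridge present, ports up and attached to it, no IPv4 left on bridged ports.
# Input is text in modern `ip -o link show` / `ip -o -4 addr show` format (assumed).

# Constructed sample: no br0, tap0 down, eth1 still has a (made-up) address.
SAMPLE_LINKS='2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
3: eth1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
4: tap0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN'
SAMPLE_ADDRS='2: eth0    inet 192.168.2.2/24 brd 192.168.2.255 scope global eth0
3: eth1    inet 192.168.4.1/24 brd 192.168.4.255 scope global eth1'

# Print the `ip -o link` line for interface $2 from text $1 (empty if absent).
link_line() { printf '%s\n' "$1" | awk -v i="$2:" '$2 == i'; }

# True if the flag list of interface $2 contains UP (not just LOWER_UP).
is_up() {
    flags=$(link_line "$1" "$2" | awk '{print $3}' | tr -d '<>')
    case ",$flags," in *,UP,*) return 0 ;; *) return 1 ;; esac
}

# True if interface $2 is a port of bridge $3.
in_bridge() { link_line "$1" "$2" | grep -q " master $3 "; }

# True if interface $2 has an IPv4 address in `ip -o -4 addr` text $1.
has_ipv4() { printf '%s\n' "$1" | awk -v i="$2" '$2==i && $3=="inet"{f=1} END{exit !f}'; }

# audit_bridge LINKS ADDRS BRIDGE LAN_PORT TAP
# Prints one finding per line; exit status is the number of findings.
audit_bridge() {
    links=$1; addrs=$2; br=$3; n=0
    for i in "$3" "$4" "$5"; do
        if [ -z "$(link_line "$links" "$i")" ]; then
            echo "$i: interface missing"; n=$((n + 1))
        elif ! is_up "$links" "$i"; then
            echo "$i: link is down"; n=$((n + 1))
        fi
    done
    for i in "$4" "$5"; do
        in_bridge "$links" "$i" "$br" || { echo "$i: not a port of $br"; n=$((n + 1)); }
        if has_ipv4 "$addrs" "$i"; then
            echo "$i: still has an IPv4 address"; n=$((n + 1))
        fi
    done
    return "$n"
}

# Live use: audit_bridge "$(ip -o link show)" "$(ip -o -4 addr show)" br0 eth1 tap0
audit_bridge "$SAMPLE_LINKS" "$SAMPLE_ADDRS" br0 eth1 tap0 || echo "findings: $?"
```

Run on both computers after the tunnel connects; zero findings on each side means the `up` commands took effect and any remaining loss is between the two tap0 endpoints.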