Re: [vserver] OpenVPN Interface

From: Herbert Poetzl <herbert_at_13thfloor.at>
Date: Wed 24 Nov 2010 - 10:33:20 GMT
Message-ID: <20101124103320.GM22394@MAIL.13thfloor.at>

On Wed, Nov 24, 2010 at 08:58:22AM +0000, Gordan Bobic wrote:
> Herbert Poetzl wrote:
> >On Tue, Nov 23, 2010 at 05:22:54PM +0000, Gordan Bobic wrote:
> >>On 11/23/2010 04:50 PM, Daniel Hokka Zakrisson wrote:
> >>>Gordan Bobic wrote:
> >>>>Hi,

> >>>>I'm trying to get an OpenVPN server running in a guest and I have
> >>>>a peculiar problem. I cannot seem to manually create an OpenVPN
> >>>>interface exactly the same as what is created by:

> >>>># openvpn --mktun --dev tun0
> >>>>TUN/TAP device tun0 opened
> >>>>Persist state set to: ON

> >>>># ip link
> >>>>77: tun0:<POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN
> >>>>qlen 100
> >>>> link/[65534]

> >>>>How can a device with link type [65534] be created using the ip
> >>>>commands? The closest I could come up with is something like:
> >>>># ip tunnel add tun0 mode ipip local 192.168.0.1 remote 192.168.0.2
> >>>># ip link set tun0 mtu 1500
> >>>># ip addr add dev tun0 local 192.168.0.1 peer 192.168.0.2

> >>>If this is for a guest, why don't you just set
> >>>/etc/vservers/<guest>/interfaces/<x>/tun?

> >>How do I tell it there to set it up as a pointopoint link?

> >/etc/vservers/PTPTUN/interfaces/tun/
> >dev : tun0
> >ip : 10.0.0.1
> >peer : 10.0.0.2
> >prefix : 24
> >tun

> Thanks for that.
> Aren't PtP connections supposed to be /32, though?

really depends on the usage, if you want broadcast to
work (and have more than one host address on either
side) a prefix <31 is useful, if you 'just' happen to
have two host addresses on each side, RFC 3021 suggests
to use 31 instead, but if you don't care about network
related stuff, you can use 32 as well (which assumes
everything to be remote and thus routed)

HTC,
Herbert

> Gordan
Received on Wed Nov 24 10:34:14 2010
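
Added example (not part of the thread and not util-vserver's own code): shell functions that write the interface directory Herbert lists and report whether the peer is on-link or routed for a given prefix. It assumes each "name : value" line in his listing is a file of that name holding the value and that "tun" is an empty flag file; the function names and the target directory are hypothetical.

```sh
#!/bin/sh
# Added example; function names and layout assumptions are hypothetical.

# ip_to_int A.B.C.D: print a dotted quad as a 32-bit integer
# (octets must not carry leading zeros).
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# peer_on_link IP PEER PREFIX: succeed when both addresses share the subnet.
peer_on_link() {
    mask=$(( (0xFFFFFFFF << (32 - $3)) & 0xFFFFFFFF ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$2") & mask )) ]
}

# classify_prefix IP PEER PREFIX: print how the peer would be reached.
classify_prefix() {
    if ! peer_on_link "$1" "$2" "$3"; then echo routed
    elif [ "$3" -eq 31 ]; then echo rfc3021
    else echo on-link
    fi
}

# write_tun_iface DIR DEV IP PEER PREFIX: one file per setting (assumed
# layout: file name = key, file content = value, "tun" = empty flag file).
write_tun_iface() {
    case $5 in ''|*[!0-9]*) return 2 ;; esac
    [ "$5" -le 32 ] || return 2
    dir=$1
    mkdir -p "$dir" || return 1
    printf '%s\n' "$2" > "$dir/dev"
    printf '%s\n' "$3" > "$dir/ip"
    printf '%s\n' "$4" > "$dir/peer"
    printf '%s\n' "$5" > "$dir/prefix"
    : > "$dir/tun"
}

# The thread's addresses: on-link for /24 and /30, but 10.0.0.1 and 10.0.0.2
# fall in different /31 pairs, so /31 and /32 both leave the peer routed.
for p in 24 30 31 32; do
    echo "10.0.0.1 peer 10.0.0.2 /$p: $(classify_prefix 10.0.0.1 10.0.0.2 "$p")"
done
```

A /31 pair has to start on an even address (10.0.0.2 with 10.0.0.3, for instance) for both ends to be on-link.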
