[ previous ] [ next ] [ threads ]
 
 From:  Peter Curran <lists at closeconsultants dot com>
 To:  kasadsyed at alicemail dot fr, 'm0n0wall list' <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] bridge building
 Date:  Thu, 7 Oct 2004 12:10:24 +0100 
Kemal

When I finish off the OpenVPN stuff (currently still debugging, but getting 
close) you WILL be able to do this with OpenVPN and a m0n0 at each end.

However, before you leap up and down with excitement let me advise you that 
this is a far from sensible thing to do unless you have a lot of bandwidth 
between the two m0n0 boxes.  It is considered very poor design to use a 
remote bridge (which is what you are describing) because there is a lot of 
broadcast traffic on a LAN - especially if you use the default config of 
those dreadful Windows boxes that every body insists on using.  All of this 
traffic has to be forwarded to the other side and may well disadvantage the 
real traffic that you want to send.

Even if you do have a lot of bandwidth (and 'a lot' depends on how much 
traffic you really have) OpenVPN has limitations on the size of its buffers 
for handling broadcast and multicast packets that may cause stability 
problems.

As part of the OpenVPN-on-m0n0 project I am writing some documentation that 
describes how to configure the system for different scenarios and I will 
document how to do this at that time.

Perhaps if you describe what it is you are trying to do, and why, the list may 
be able to come up with a better solution.

Regards

Peter


On Friday 01 October 2004 08:19, kemal asad wrote:
> I may be asking a stupid question so please forgive the ignorant that i
> am.
> i need to create a bridge over internet. i want all the traffic even
> broadcasts to be forwarded through the bridge to the otherside ( so from
> what i understand static route might not do it) . Can i do it with
> Monowall on both side of the bridge. if not please advise on any other
> solution. i currently have two soekriss 48xx . if yes, please let me
> know the iurl of any cookbook on the subject.
> Thanks.
> Kemal
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.