WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Xen and OpenVPN

from [Kai Wembacher] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Xen and OpenVPN
From: Kai Wembacher <kai@xxxxxxxxxxxxx>
Date: Mon, 14 Aug 2006 07:00:23 +0200
Delivery-date: Sun, 13 Aug 2006 22:01:01 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <2b6116b30608131503g5b9a78ddyfc3696ddeaec4ee8@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <2F2891DC-6A7F-4691-9824-8435A16F2167@xxxxxxxxxxxxx> <2b6116b30608131503g5b9a78ddyfc3696ddeaec4ee8@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
This is really something for the openvpn mailing list as Xen doesn't really affect it.
I think it is not. It's a problem of Xen because masquerading doesn't work on the same Xen host.
Personally I use the push "route 10.1.0.0 255.255.255.0" command, the make sure the other domUs have the appropriate routing: 

        up route add -net 192.168.1.0/24 gw  10.1.0.1
        down route del -net 192.168.1.0/24 gw  10.1.0.1

in /etc/network/interfaces, were 10.1.0.1 is the openvpn server host.
My route is set by OpenVPN and everything works fine on the clients. If I try to connect an other DomU on this server the route goes trough the openvpn server. 
NAT is not really needed in a private network situation.
I only use NAT to provide internet access to the OpenVPN Clients. So the connection to other Xen DomUs use NAT too, because all the traffic which is not in 10.8.0.0/24 subnet (my OpenVPN Subnet) uses NAT. This is the easiest way for me but it doesn't work with Xen.
I'm going to test this configuration with routing instead of briding on Xen dom0. 

Best regards,
Kai Wembacher

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-users] Kernel Crashes with APIC bug, Dave Cameron
Next by Date:  [Xen-users] Disk images for server environment?, Devraj Mukherjee
Previous by Thread:  Re: [Xen-users] Xen and OpenVPN, Nicholas Lee
Next by Thread:  [Xen-users] Xen and Asterisk/Zapata WORKING!!, Jason
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy