WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Xen and OpenVPN

This is really something for the openvpn mailing list as Xen doesn't really affect it.
I think it is not. It's a problem of Xen because masquerading doesn't work on the same Xen host.

Personally I use the push "route 10.1.0.0 255.255.255.0" command, the make sure the other domUs have the appropriate routing:

        up route add -net 192.168.1.0/24 gw  10.1.0.1
        down route del -net 192.168.1.0/24 gw  10.1.0.1

in /etc/network/interfaces, were 10.1.0.1 is the openvpn server host.
My route is set by OpenVPN and everything works fine on the clients. If I try to connect an other DomU on this server the route goes trough the openvpn server.
NAT is not really needed in a private network situation.
I only use NAT to provide internet access to the OpenVPN Clients. So the connection to other Xen DomUs use NAT too, because all the traffic which is not in 10.8.0.0/24 subnet (my OpenVPN Subnet) uses NAT. This is the easiest way for me but it doesn't work with Xen.

I'm going to test this configuration with routing instead of briding on Xen dom0.

Best regards,
Kai Wembacher

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>