On Tue, Nov 27, 2012 at 08:22:38PM +0100, Per Jessen wrote:
Marc Chamberlin wrote:
On 11/26/2012 11:19 PM, Per Jessen wrote:
Marc Chamberlin wrote:
So, my feeling about the man page for ifcfg-bridge is that it is very abbreviated and requires a deep understanding of the openSuSE network setup model which I don't have. Worse, the man page for ifcfg-bridge refers to a non-existent website - http://linux-net.osdl.org/index.php.Bridge for further information, and there is nothing that I can find in the openSuSE documentation wiki's that describe how to set up openvpn either.
Please file a bug report for this documentation issue and report the defect ID back to this thread. http://www.linuxfoundation.org/collaborate/workgroups/networking/bridge might be the current location of the documentation. If that's the case add this information to the defect report too. [ 8< ]
OK, I can accept this and thanks for the info. But my confusion remains, how does the bridge interface (br0) KNOW about the connection between my tap0 and eth1 interfaces. Setting up the tap0 interface, via YaST, seems to be straightforward (though there is nothing to specify an association between it an an ethernet (eth) or bridged device nor did I expect there to be), but my experiments with setting up the bridge, using YaST, do not enlighten me. If I select both interfaces, tap0 and eth1, as the devices to be bridged, which YaST seems to allow in its GUI, it does NOT set the BRIDGE_PORTS variable, in the ifcfg-br0 configuration file, to both ports/devices. (ya gotta love all this naming inconsistencies!)
I'd like to help you with this, but I simply don't have any experience with openvpn and a bridged setup. I expect some of this to have been only superficially tested, so I would not be surprised if you find some yast bugs.
There is no YaST bug nor is there a bug in the init scripts. Go one step back and reconsider what's your goal. The intention is to be able to connect two networks with the help of openvpn. This does not require a tap device nor does it require a bridge. I believe the mix of the openvpn howto and the SUSE documentation leaded Marc in this direction. What you need is network packet forwarding between your network and the Microsoft Windows system where openvpn will run too. On your end SUSE Firewall will be of help. But for the beginning you can even start with a disabled firewall at all. This will make your initial setup of the VPN easier. Take a pen and paper and make a drawing of the networki setup. The other side, the other system must be able to connect to your openvpn daemon. If the other end runs on a windows system which is very likely connected via a router to the network your openvpn end must be reachable from the internet and therefore run on your gateway/ firewall system. If I get it right that's eth0 on your firewall system. Else you'll not be able to establish a VPN connection. One end of the VPN connection must be reachable from the public, worlwide routed internet. Cheers, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany