vtun, bridging and dhcp

Hi,

I'm trying to setup some kind of linux VPN.
The host network IP is (lets says) 192.168.1.x My goal is too have a
remote client computer connected to a virtual interface with an IP
adress in the 192.168.1.x range. Both client and "VPN server" are
running linux.

Right know it works as long as I use a static IP for the remote client.
Here are the details:

Initially I have "VPN server" (Server) in the host network with
eth0=192.168.1.1.


1/ On Server I configure a bridge br0 with only one port (eth0):
br0=192.168.1.1, eth0=0.0.0.0
2/ I setup a vtun tunnel, ether type, between Server and Client so I
have two virtual interfaces tap0 on Server and tap1 on Client
(unconfigured yet)
3/ I add tap0 port to br0 and bring it up
tap0=0.0.0.0
4/ I manually configure tap1 on Client :
ifconfig tap1 192.168.1.101

This works fine, my Client is now seen as being on the host network,
and I can ping anyways...

Now if I replace 4/ by ifup tap1, with tap1 configure for dhcp, its not
working so well. Apparently I get a DHCP lease from a server on the
host network, but then it stalls and eventually the tunnel will
disconnect and I will even loose my ssh connection to the Client.

Any ideas why DHCP is different ?

Thanks

-- F.G.

On Fri, 29 Apr 2005 17:08:59 -0700, fabrice.gautier wrote:

> Hi,
>
> I'm trying to setup some kind of linux VPN.
> The host network IP is (lets says) 192.168.1.x My goal is too have a
> remote client computer connected to a virtual interface with an IP
> adress in the 192.168.1.x range. Both client and "VPN server" are
> running linux.
>
> Right know it works as long as I use a static IP for the remote client.
> Here are the details:
>
> Initially I have "VPN server" (Server) in the host network with
> eth0=192.168.1.1.
>
>
> 1/ On Server I configure a bridge br0 with only one port (eth0):
> br0=192.168.1.1, eth0=0.0.0.0
> 2/ I setup a vtun tunnel, ether type, between Server and Client so I
> have two virtual interfaces tap0 on Server and tap1 on Client
> (unconfigured yet)
> 3/ I add tap0 port to br0 and bring it up
> tap0=0.0.0.0
> 4/ I manually configure tap1 on Client :
> ifconfig tap1 192.168.1.101
>
> This works fine, my Client is now seen as being on the host network,
> and I can ping anyways...
>
> Now if I replace 4/ by ifup tap1, with tap1 configure for dhcp, its not
> working so well. Apparently I get a DHCP lease from a server on the
> host network, but then it stalls and eventually the tunnel will
> disconnect and I will even loose my ssh connection to the Client.
>
> Any ideas why DHCP is different ?
>
> Thanks
>
> -- F.G.

I don't know why its different in the tunnel you are using; but I've setup
vpn a few times using Openvpn which does a whole bunch of stuff including
respecting DHCP settings. Have you messed with OpenVPN at all? Truly
powerful and versatile. It'll run on Linux, BSDs, Windows. It has a
variety of authentication mechanisms includng a static key, full-on SSL,
etc. It can routed or bridged networking. There are debian packages in
testing and unstable and I've built the source package in rpm format for
Fedora Core 3. I'm running it fulltime and using it to connect a linux
client and a XP client. Works great! I've also setup small businesses
with it and the Windows client is very nice.

All open sourced, maintained and developed actively. Good examples on the
website. That would be http://www.openvpn.net BTW.


--
Michael Perry | do or do not. There is no try. -Master Yoda
(E-Mail Removed) | http://www.lnxpowered.org