Bridge kills LAN interface which handles DHCP and internet

huntly001
OpenVpn Newbie
Posts: 3
Joined: Mon Aug 30, 2010 11:45 am

Bridge kills LAN interface which handles DHCP and internet

Post by huntly001 » Mon Sep 06, 2010 11:00 am

Hi there!

I've got a server I'm learning on with 2 NICS installed with Debian. eth0 plugs into the 'WAN' (10.0.0.x, just a home ADSL gateway with the appropriate port forwarding enabled), and eth1 into the LAN (192.168.122.x).
eth1 serves DHCP requests, handles the iptables firewall for passing through internet traffic, and DNS updates with BIND9 and works perfectly.
I also want the machine to be an OpenVPN server so mates can connect and play LAN games. I can connect a client and pick up an IP, ping, see SMB shares etc no worries from the eth0 side when the machine's running (i.e. OpenVPN is running automatically or manually started). The problemo lies when I'm a normal machine sitting on the back end of eth1 I no longer pick up an ip or get any love whatsoever from the original setup as the eth1 address settings have moved to the bridge.
My bridge interface is binding to eth1 as I think it ought to, but that's where the prob resides I feel as everything works peachy when I disable the VPN from starting or manually stop it...
Is there a way I can have my VPN cake and eat it too (keep my old LAN setup and have a VPN too)?

My server.conf:

```
port 1194
proto udp
dev tap0
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key  # This file should be kept secret
dh /etc/openvpn/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.168.122.1 255.255.255.0 192.168.122.100 192.168.122.109
push "dhcp-option DNS 192.168.122.1"
client-to-client
keepalive 10 120
comp-lzo
max-clients 30
persist-key
persist-tun
status openvpn-status.log
verb 3
mute 20
```
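And my bridge script:

```
#!/bin/sh
# Bridge the LAN NIC with the OpenVPN tap device; the LAN IP moves to br0.
br="br0"
tap="tap0"
eth="eth1"
eth_ip="192.168.122.1"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.122.255"

# Create the persistent tap device(s)
for t in $tap; do
    openvpn --mktun --dev "$t"
done

# Create the bridge and attach eth1 and the tap device(s) as ports
brctl addbr "$br"
brctl addif "$br" "$eth"
for t in $tap; do
    brctl addif "$br" "$t"
done

# Bridge ports carry no IP address of their own
for t in $tap; do
    ifconfig "$t" 0.0.0.0 promisc up
done
ifconfig "$eth" 0.0.0.0 promisc up

# The former eth1 address is assigned to the bridge
ifconfig "$br" "$eth_ip" netmask "$eth_netmask" broadcast "$eth_broadcast"
echo "Bridge started"
```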
Ideally in the end it'll forward IP address from the DHCP server and update DNS with the client computer names too, but one step at a time...

Thanks for any help!
never put off till tomorrow that which you can put off indefinitely

huntly001
OpenVpn Newbie
Posts: 3
Joined: Mon Aug 30, 2010 11:45 am

Re: Bridge kills LAN interface which handles DHCP and intern

Post by huntly001 » Wed Oct 27, 2010 11:59 pm

I eventually got this figured out;
Had to add the tap/br interfaces to my dhcpd.conf and iptables

hope this may well help someone someday!
never put off till tomorrow that which you can put off indefinitely
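The iptables half of the fix described above, as an added example that is not part of the original posts: once eth1 is a port of br0, IP-layer traffic is seen on br0, so rules matching `-i eth1` or `-o eth1` silently stop applying. The ruleset below is constructed sample data in `iptables-save` format, and the function names are hypothetical; only eth0, eth1, br0 and the subnet come from the thread.

```shell
#!/bin/sh
# Constructed sample ruleset (iptables-save format), not the poster's real rules.
sample_rules() {
cat <<'EOF'
*nat
-A POSTROUTING -s 192.168.122.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -p udp --dport 67 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth10 -j DROP
COMMIT
EOF
}

# stale_rules PORT: print rules from stdin whose -i/-o argument is exactly PORT.
# Exact field comparison keeps eth10 from being mistaken for eth1.
stale_rules() {
    awk -v port="$1" '
        /^-A / {
            for (i = 2; i < NF; i++)
                if (($i == "-i" || $i == "-o") && $(i + 1) == port) { print; next }
        }'
}

# retarget_rules PORT BRIDGE: rewrite -i/-o PORT to BRIDGE; other lines pass through.
retarget_rules() {
    awk -v port="$1" -v br="$2" '
        /^-A / {
            for (i = 2; i < NF; i++)
                if (($i == "-i" || $i == "-o") && $(i + 1) == port) $(i + 1) = br
        }
        { print }'
}

echo "Rules that stop matching once eth1 is a port of br0:"
sample_rules | stale_rules eth1
echo "Same ruleset retargeted to br0:"
sample_rules | retarget_rules eth1 br0
```

On a live host, feed `iptables-save` output into `stale_rules eth1` after the bridge comes up, and review the retargeted rules before loading them.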
