Using tap mode without ethernet bridging on server side.

[tushar.sharma]

Hello all,

I am facing some problem with ethernet bridging, as br0 is created so local lan nic losses its original identity and iptables rules written with interface -i eth1(lan) option no more works !!

So I was thinking that is it possible to use tap mode assign ip to remote vpn client from local subnet of server using server-bridge ip netmaskoption, without bridging lan nic & tap0.

So that it will solve my problems.,Currently i want to assign ip using dhcp server.

[janjust]

yes this is possible (I think ) but you will need to run something like

Code: Select all

dhcrelay -i tap0 -i eth1

to forward all DHCP traffic from the VPN to the DHCP server on the eth1 LAN.

[tushar.sharma]

Thanks JJK for reply,

So will it work without even bridging local lan nic & tap0 and serving same behaviour as in case of ethernet bridging in tap mode ?

Thanking You
Tushar Sharma

[janjust]

it won't be the same as bridging - but you CAN use an external DHCP server in tap mode without bridging. Bridging forwards all packets between the interfaces that are bridged (usually ethX and tapX) : this functionality will be lost without the bridge.

[tushar.sharma]

Then how would be packets routed from local lan subnet to tap interface?

considering what you have said, i have following setup


(pc 192.168.2.100)---(server 192.168.103.58)--(network)--(192.168.103.61 client)----(pc192.168.3.100)

now server will assign ip using dhrelay option to client from its local subnet i.e 192.168.2.0/24 subnet,
server will also assign one ip from same subnet to its tap interface but how packets would be routed from local lan nic and subnet and tap interface on server side. ?


Thanking You
Tushar