|
|
Hi,
The scenario is as follows;
There are 47 districts, each district has max 160 sites.
Each site has vlan-bridge(vlan-b) for roadwarriors.
Max numbers of roadwarriors' virtual address is 200
(10.xx.xx.21 to 10.xx.xx.220) for each site.
Do we need one openserver instance for one tun/tap?
if so, we need three openserver instances at site1-1,site2-1,..
site47-1 and two openserver instances at the other sites.
My question is how to write routing table on each site
between openserver instances.
instance1 is between local subnet(e.g.,10.82.1.0) and
vlan-b(e.g., 10.82.1.21~ 10.82.1.220).
instance2 is between local subnet(e.g.,10.82.1.0) and
virtual lan1(10.81.1.0).
instance3 is between local subnet(10.82.1.0) and
virtual lan0(10.81.0.0).
When a roadworrior(10.82.1.21) communicate to a roadworrior
(10.82.160.21), voice packet goes as follows;
(10.82.1.21)---(eth1:tap0)---(eth0)--(tun0:eth1:10.81.1.1)--
<-- site1-1 instance1 ---------><-- site1-1 instance2 --->
??
--(10.81.1.160:eth0:tun0)---(eth0:10.82.160.1)----(tap0:eth1)--
<----- site1-160 instance2 ---------><--site1-160 isntanace1
??
--(10.82.160.21)
------------->
((((((((((((((((((( internet ))))))))))))))))))))))))))))))
| | | |
| openvpn virtual lan0 | 10.81.0.0 |
---+------------------------------+----------------------
|.1 | | |.47| |
| | virtual lan1(10.81.1.0) | | virtual lan47(10.81.47.0)
| | =+=========+===== | | =+============+==
| | |.1 ||.160 | | |.1 ||.70
| | | || | | | ||
---|---+---|--- --+|---- ---|---+--|---- ---+|---
| | eth1 | | | | | | | eth1 | | | | |
| tun1 tun0 |...| tun0 | *** | tun1 tun0 |... | tun0 |
| tap0 | | tap0 | | tap0 | | tap0 |
| eth0 | | | | | | eth0 | | | | |
--+--------|--- -+---|-- --+-------|---- -+---|--
|.1 ******** |.1 ******** |.1 ********** |.1 **********
| vlan-b | vlan-b | vlan-b | vlan-b
| 10.82.1 | 10.82.160 | 10.128.1 | 10.128.70
| .21~.220 | .21~.220 | .21~.220 | .21~.220
| | | |
|10.82.1.0 |10.82.160.0 |10.128.1.0 |10.128.70.0
--+----+----- -+-----+-- -+------+------- -+-----+----
|.2 |.3 |.2 |.3 |.2 |.3 |.2 |.3
| | | |
| | | |
gw gw gw gw
| | | |
--------------- ------------- --------------- -------------
site1-1 site1-160 site47-1 site47-70
local net local net local net local net
-------------- ------------ --------------- -------------
| |..... | |...... | |....... | |.....
pc pc pc pc pc pc pc pc
tun0: udp 1194
tun1: udp 1195
tap0: udp 1196
site local subnet
------------ ------------
site1-1 10.82.1.0
site1-2 10.82.2.0
....
site1-160 10.82.160.0
site2-1 10.83.1.0
site2-2 10.83.2.0
...
site2-50 10.83.50.0
*
*
*
site47-1 10.128.1.0
site47-2 10.128.2.0
....
site47-70 10.128.70.0
Regards,
Zen
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|