|
|
http://files.multicastdns.org/draft-cheshire-dnsext-multicastdns.txt 4. Source Address Check ... A host sending Multicast DNS queries to a link-local destination address (including the 224.0.0.251 link-local multicast address) MUST only accept responses to that query that originate from the local link, and silently discard any other response packets. Without this check, it could be possible for remote rogue hosts to send spoof answer packets (perhaps unicast to the victim host) which the receiving machine could misinterpret as having originated on the local link. So it seems a properly designed client would undermine all your efforts to route traffic that is unroutable. Maybe you should be looking at a bridge. On 1/5/07, Les Mikesell <lesmikesell@xxxxxxxxx> wrote: > On Fri, 2007-01-05 at 16:03 -0500, TheGesus wrote: > > On 1/5/07, Hans-Peter Mani <hp@xxxxxxxxxx> wrote: > > > Hi > > > > > > I am trying to get discovery service like apple's rendezvous working > > > with openvpn tunnels. From what I googled I understand that i have to > > > use a multicast router like mrouted. I am far away from being an expert > > > but I tried to create a mrouted tunnel with something like this > > > > > > > Rendezvous and other Zeroconf protocols like mDNS are, as I understand > > it, supposed to be, by definition, link-local. > > Aren't VPN's by definition, supposed to make things work like > they are local even if they aren't? > > -- > Les Mikesell > lesmikesell@xxxxxxxxx > > > ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |