|
|
hello im not sure, but i think brX interfaces are like carpX interfaces a logical interface and the doesnt show any traffic on it. but firewall rules applied to them may affect directly the interfaces "under" the bridge interface. regards marco Michael Jürgens wrote: > Hi Dave, > thanks for your reply. > I´ve found the pitfall. It was iptables. > Putting a rule "iptables -A FORWARD -i br0 -o br0 -j ACCEPT" fixes the > problem. > > It is a little bit brasy because tcpdump doesn´t show the packets on br0 > - only on tap0 anp 1. > > regards, > > Michael > > Dave schrieb: > >>> is it possible to bridge two tap interfaces? >>> >>> I´ve tried the following: >>> >>> Server: >>> - br0 bridges tap0 and tap1 >>> >>> >>> >>>> brctl show br0 >>>> >>>> >>> bridge name bridge id STP enabled interfaces >>> br0 8000.965a950332fc no tap1 >>> tap0 >>> >>> >>> >> I run a setup with a bridge of 2 tap devices, and it works happily. My need >> is that I run two openvpn instances, one for TCP and one for UDP, and they >> are both bridged to the eth0 adapter. I mention this because I notice you >> don't have eth0 in your bridge but maybe you do this so that the VPN makes >> some sort of private network separate from your lan? >> >> Also, iptables works at layer 3; a similar thing relevant for leyer 2 (e.g. >> bridges) is ebtables. I haven't used it so I can't really comment further. >> >> -Dave >> >> >> > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2005. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx > https://lists.sourceforge.net/lists/listinfo/openvpn-users > ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |