Home / server / Questions / 593849
In Process
user219031
Asked: 2014-05-09 00:39:19 +0800 CST

openvpn 's netmask and client-to-client mode

  • 772

I had set openvpn 's config as

route 10.8.0.0 255.255.255.0
push "route 10.8.0.0 255.255.255.0"
client-to-client

and set ccd/username as

iroute 10.8.0.0 255.255.255.0

BUT, the client's netmask was 255.255.255.252 yet. and server's ifconfig is:

tun0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
        inet addr:10.8.0.1  P-t-P:10.8.0.2  Mask:255.255.255.255
        UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1

I want to set client and server 's mask as 255.255.255.0, for client-to-client communication.

openvpn

2 Answers

  1. OpenVPN (in layer 3/tun mode) creates virtual point-to-point (like you would get with RS232 for example) links between the server and each client. Any traffic between clients goes trough the server (if there is no client-to-client directive, the server just drops those packets).

    Check the routing tables of the clients they should say:

    10.8.0.0/24 interface tun0

    If you use OpenVPN in layer2/tap mode then it creates a virtual ethernet card with the proper IP and netmask.

    • 0

  2. I think it is all a matter of setting the topology parameter to subnet, and then specifying the netmask on the server parameter at the server's config file, like:

    server 10.8.0.0 255.255.255.0

    Without the topology parameter it seems those changes will not work.

    Extracted from here.

    • 0