[pptp-server] Bridging
Andrew Miklas
amiklas at bigfoot.com
Thu Aug 26 22:55:31 CDT 1999
Hi all,
Your replies have given me plenty to think about! Thanks!
However, I believe I may have found another simple solution to my problem.
Is it possible to simply bridge the ppp device with a eth device on the pptpd server? In this way, the ppp connection will think it is simply plugged straight into a hub here? I have tried messing with proxyarp and routing tables with no avail. I believe the solution lies in doing a straight out bridge with something like brcfg, but I have been unsuccessful in doing this. Bridging, as I understand it, was somewhat of a nightmare in the 2.0 series of kernels, and was pulled from the 2.1 series. I use a Redhat 6.0 standard 2.2.5-15 kernel. Does it have routing support by default? If not, is there a module or daemon that I can load to accomplish this? What program can I use to configure the kernel level / module bridge?
While this approach may be a tad inefficient, it will virtually guarantee every application will run on the network. Currently, file sharing using Network Neighborhood seems spotty and unnecessarily slow, and other applications don't work at all. By simply bridging the networks, I believe IPX will simply fall into place. Since the connection really doesn't have to be all that fast (and the two sites are connected by cable modem), I don't think the performance problems would be that big.
So, basically, is there a way to dump all traffic on eth1 onto ppp0 in such a way it is transparent to the "client" on ppp0. (ie. traceroute from a computer on eth1 to "client" on ppp0 will not show pptpd server or bridge in the middle -- I guess that is the definition of a bridge anyway.)
Better yet, can I dump a subnet of eth1 onto ppp0 in such a way that the "client" of ppp0 appears as a host on a subnet of eth1? This way, I can group all computers that VPN clients will need to gain _direct_ access to in a subnet, and make all VPN clients plug straight into that subnet. Computers they need access to, but not direct, can be in other subnets, routed to the special subnet by way of conventional routing and gateways on the Linux machine. That way, the bridge is only dumping a minimal amount of excess chatter over the ppp line.
I hope some of that made sense! I am a recent Windows convert, and am still getting used to the idea of playing around with TCP settings at this level.
Thanks for your help,
Andrew Miklas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.schulte.org/mailman/private/pptp-server/attachments/19990826/07953c61/attachment.html>
More information about the pptp-server
mailing list