2015-02-11 10:02:03 +00:00
|
|
|
# Example Configuration for direct peer to peer
|
2015-02-11 10:01:34 +00:00
|
|
|
* Replace `<PEER_NAME>` with a self chosen name to identify this peer
|
|
|
|
* Replace `<PROTO>` with either `udp` or `udp6`, depending if you reach your remote peer with ipv4 o ipv6
|
|
|
|
* Replace `<REMOTE_HOST>` with the public ip address of your peer
|
|
|
|
* Replace `<REMOTE_PORT>` with the port number, where your peer's openvpn daemon listen for traffic
|
|
|
|
* Replace `<LOCAL_HOST>` with your public ip
|
|
|
|
* Replace `<INTERFACE_NAME>` with a self chosen name, this will be the name of your network interface (tun device) for this peering
|
|
|
|
* Replace `<LOCAL_GATEWAY_IP>` with your own dn42 ip address
|
|
|
|
* Replace `<REMOTE_GATEWAY_IP>` with dn42 ip address of your peer
|
2015-02-11 10:01:00 +00:00
|
|
|
|
|
|
|
```
|
|
|
|
#/etc/openvpn/<PEER_NAME>
|
|
|
|
daemon
|
|
|
|
proto <PROTO>
|
|
|
|
mode p2p
|
|
|
|
remote <REMOTE_HOST>
|
|
|
|
rport <REMOTE_PORT>
|
|
|
|
local <LOCAL_HOST>
|
|
|
|
lport <LOCAL_PORT>
|
|
|
|
dev-type tun
|
|
|
|
dev <INTERFACE_NAME>
|
|
|
|
comp-lzo
|
|
|
|
persist-key
|
|
|
|
persist-tun
|
|
|
|
ifconfig <LOCAL_GATEWAY_IP> <REMOTE_GATEWAY_IP>
|
|
|
|
secret /etc/openvpn/<PEER_NAME>.key
|
|
|
|
```
|
|
|
|
|
|
|
|
then create a new key and share it with your peer
|
|
|
|
|
|
|
|
```
|
|
|
|
$ openvpn --genkey --secret /etc/openvpn/<PEER_NAME>.key
|
2015-02-11 10:26:49 +00:00
|
|
|
```
|
|
|
|
|
2015-02-11 10:27:54 +00:00
|
|
|
# Example Configuration if one peer has a floating ip
|
2015-02-11 10:26:49 +00:00
|
|
|
|
|
|
|
## peer with fixed ip
|
|
|
|
|
|
|
|
```
|
|
|
|
daemon
|
|
|
|
proto <PROTO>
|
|
|
|
mode p2p
|
|
|
|
dev-type tun
|
|
|
|
comp-lzo
|
|
|
|
dev <INTERFACE_NAME>
|
|
|
|
persist-key
|
|
|
|
persist-tun
|
|
|
|
float
|
|
|
|
port <LOCAL_PORT>
|
|
|
|
ifconfig <LOCAL_GATEWAY_IP> <REMOTE_GATEWAY_IP>
|
|
|
|
secret /etc/openvpn/<PEER_NAME>.key
|
|
|
|
```
|
|
|
|
|
|
|
|
## peer with floating ip
|
|
|
|
|
|
|
|
* Notice the local gateway ip of your peer is your remote gateway ip and
|
|
|
|
his remote gateway is your local gateway
|
|
|
|
* `<REMOTE_HOST>` is the ip address of your peer
|
|
|
|
* `<REMOTE_PORT>` is openvpn port, where your peer listen for traffic
|
|
|
|
|
|
|
|
```
|
|
|
|
daemon
|
|
|
|
proto <PROTO>
|
|
|
|
mode p2p
|
|
|
|
remote <REMOTE_HOST>
|
|
|
|
rport <REMOTE_PORT>
|
|
|
|
lport float
|
|
|
|
dev-type tun
|
|
|
|
dev <INTERFACE_NAME>
|
|
|
|
comp-lzo
|
|
|
|
persist-key
|
|
|
|
persist-tun
|
|
|
|
ifconfig <LOCAL_GATEWAY_IP> <REMOTE_GATEWAY_IP>
|
|
|
|
secret /etc/openvpn/<PEER_NAME>.key
|
2015-02-23 12:03:12 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
# External Links
|
|
|
|
* multicast:
|
|
|
|
* **OpenVPN**
|
|
|
|
* [Optimizations for multicast over TAP w/ OpenVPN](https://community.openvpn.net/openvpn/ticket/79)
|
|
|
|
* [Sending multicast over a openvpn tunnel](http://forums.openvpn.net/topic8036.html)
|
|
|
|
|
|
|
|
* **RFC**
|
|
|
|
* [IPv6 - RFC3306](https://tools.ietf.org/html/rfc3306)
|
|
|
|
* [IPv4 - multicast](https://en.wikipedia.org/wiki/Multicast_address#GLOP_addressing)
|
|
|
|
* [IPv4 - GLOB calculator](http://labs.spritelink.net/glop)
|
|
|
|
* [RFC3108 GLOP Addressing in 233/8](http://tools.ietf.org/html/rfc3180)
|
|
|
|
* [RFC3138 Extended Assignments in 233/8](https://tools.ietf.org/html/rfc3138)
|