Openvpn Bridge Route

[pitero]

Witam, mam taki problem z vpn w trybie bridge.

 

eth0 - 192.168.1.254

eth1 - ip.zewn.netu

 

załadowany moduł bridge

 

route

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

ip.sieci.zewn.netu * 255.255.255.248 U 0 0 0 eth1

192.168.1.0 * 255.255.255.0 U 0 0 0 eth0

169.254.0.0 * 255.255.0.0 U 0 0 0 eth0

default ip.zewn.netu 0.0.0.0 UG 0 0 0 eth1

 

udostępnione poł. internetowe - wszystko hula

 

montuje most

eth="eth0"

eth_ip="192.168.1.200"

eth_netmask="255.255.255.0"

eth_broadcast="192.168.1.255"

openvpn --mktun --dev $tap

brctl addbr $br

brctl addif $br $eth

pause

brctl addif $br $tap

ifconfig $tap 0.0.0.0 promisc up

ifconfig $eth 0.0.0.0 promisc up

ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast

 

no i teraz

 

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

ip.sieci.zewn.netu * 255.255.255.248 U 0 0 0 eth1

192.168.1.0 * 255.255.255.0 U 0 0 0 br0

192.168.1.0 * 255.255.255.0 U 0 0 0 eth0

169.254.0.0 * 255.255.0.0 U 0 0 0 eth0

default ip.zewn.netu 0.0.0.0 UG 0 0 0 eth1

 

ifconfig

br0 Link encap:Ethernet HWaddr 00:0E:2E:52:FE:49

inet addr:192.168.1.200 Bcast:192.168.1.255 Mask:255.255.255.0

inet6 addr: fe80::20e:2eff:fe52:fe49/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:2 errors:0 dropped:0 overruns:0 frame:0

TX packets:8 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:273 (273.0 TX bytes:540 (540.0

 

eth0 Link encap:Ethernet HWaddr 00:0E:2E:52:FE:49

inet addr:192.168.1.254 Bcast:192.168.1.255 Mask:255.255.255.0

inet6 addr: fe80::20e:2eff:fe52:fe49/64 Scope:Link

UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1

RX packets:1030 errors:0 dropped:0 overruns:0 frame:0

TX packets:27950 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:144042 (140.6 KiB) TX bytes:2028735 (1.9 MiB)

Interrupt:11 Base address:0xa800

 

eth1 Link encap:Ethernet HWaddr 00:0E:2E:52:DA:67

inet addr:ip.zewn.netu Bcast:88.x9.1x.1x Mask:255.255.255.248

inet6 addr: fe80::20e:2eff:fe52:da67/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:4190 errors:0 dropped:0 overruns:0 frame:0

TX packets:1963 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:713939 (697.2 KiB) TX bytes:315408 (308.0 KiB)

Interrupt:10 Base address:0xa400

 

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:27423 errors:0 dropped:0 overruns:0 frame:0

TX packets:27423 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:1752663 (1.6 MiB) TX bytes:1752663 (1.6 MiB)

 

tap0 Link encap:Ethernet HWaddr 12:CF:29:67:3B:CF

inet6 addr: fe80::10cf:29ff:fe67:3bcf/64 Scope:Link

UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:7 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 TX bytes:0 (0.0

 

 

kompy z sieci lokalnej mogą ping-ować na eth0, br0, eth1 i tyle.

Do modemu dsl już nie, a tym bardziej gdzieś dalej

 

po zatrzymaniu mostu

br="br0"

tap="tap0"

ifconfig $br down

brctl delbr $br

openvpn --rmtun --dev $tap

 

wszystko wraca do normy - czyli sieć wewn uzyskuje dostęp do netu

 

W czym może być problem ?

Czemu pingi przestają działać ?