OpenVPN routing mesh?



  • I have an OpenVPN star topology (server -> 3 clients) up and running on RC-2:

    c1
      \
        \
          S-----c3
        /
      /
    c2

    where LAN subnets could be something like:

    S - 192.168.0.0/24
    c1 - 192.168.1.0/24
    c2 - 192.168.2.0/24
    c3 - 192.168.3.0/24

    Clients had no problems reaching the S subnet (push route statement), but for S to reach the c subnets I had to make static routes on tun0.

    I would like to make VPN tunnels between the 3 clients, each site advertising its own subnet:

    c1-------------
     |  \         |
     |    \       |
     |      S-----c3
     |    /       |
     |  /         |
    c2-------------

    so that c1 can reach c2 or c3 without going through S.

    What would be the best way of achieving this?
    Should I create a VPN server on each c site?
    Is there a better way to exchange routes (ospfd or some other routed)?

    Any links/howto's/tutorials are greatly appreciated.



  • You can create all the other connections in the same manner. It's highly likely that if one connection fails, e.g. C1 to C2, either C1 to S or C2 to S will also fail.

    Alternatively you can try configuring OLSR above the OpenVPN connections. You probably need to specify each connection as a different network so regular routing doesn't go through the VPN directly.
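
Added example, not part of the thread: a Python planner for the reply's suggestion to give each connection its own network. It builds a full mesh over the four LANs from the question with one /30 per tunnel and rejects overlapping prefixes; the 10.255.0.0/24 tunnel pool, the function names and the Linux `ip route` rendering are assumptions.

```python
import ipaddress
from itertools import combinations

# Site LANs as given in the question.
SITES = {"S": "192.168.0.0/24", "c1": "192.168.1.0/24",
         "c2": "192.168.2.0/24", "c3": "192.168.3.0/24"}
# Assumption: transfer-network pool for the tunnels (not from the thread).
TUNNEL_POOL = "10.255.0.0/24"


def plan_mesh(sites, pool):
    """Return (links, routes) for a full mesh with one /30 per tunnel."""
    lans = {name: ipaddress.ip_network(net) for name, net in sites.items()}
    pool_net = ipaddress.ip_network(pool)
    # Overlapping prefixes make routing ambiguous, so refuse them up front.
    for (a, net_a), (b, net_b) in combinations(lans.items(), 2):
        if net_a.overlaps(net_b):
            raise ValueError(f"LANs of {a} and {b} overlap")
    for name, net in lans.items():
        if net.overlaps(pool_net):
            raise ValueError(f"tunnel pool overlaps LAN of {name}")

    subnets = pool_net.subnets(new_prefix=30)
    links, routes = [], {name: [] for name in lans}
    for a, b in combinations(sorted(lans), 2):
        net = next(subnets, None)
        if net is None:
            raise ValueError("tunnel pool too small for a full mesh")
        addr_a, addr_b = net.hosts()  # a /30 has exactly two usable hosts
        links.append((a, addr_a, b, addr_b, net))
        # Each side reaches the peer's LAN over the direct tunnel only,
        # so c1 <-> c2 traffic never transits S.
        routes[a].append((lans[b], addr_b))
        routes[b].append((lans[a], addr_a))
    return links, routes


def route_commands(routes, site):
    """Render one site's static routes as Linux iproute2 commands."""
    return [f"ip route add {lan} via {hop}" for lan, hop in routes[site]]


if __name__ == "__main__":
    links, routes = plan_mesh(SITES, TUNNEL_POOL)
    for a, addr_a, b, addr_b, net in links:
        print(f"{a} ({addr_a}) <-> {b} ({addr_b}) on {net}")
    for site in sorted(SITES):
        print(site, route_commands(routes, site))
```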

