2

Is it possible to bridge multiple OpenVPN networks like the following?

                      root
                        |
      ----------------------------------
    S1          C1          C2         S4
     |                                 |
 ----------                 ---------------------------------
 C1.1      C1.2             C4.1         C4.2           C4.3

Here root, S1 and S4 have public IPs. All three are OpenVPN servers. C2, C3, C1.1, C1.2 and so on are all clients and road warriors. Is it possible to have a bridge at S1/S4 which connects the upper network with the lower one? I need a way to have communication between C2 and C1.1.

So far I am thinking of the following config at S1:

iface tun0 inet manual
iface tun1 inet manual
auto br0
iface br0 inet dhcp
bridge_ports tun0 tun1

Do I need to configure the server.conf and client.conf files at S1 also?

EDIT: The root network and the child networks need to be part of one large network: same network address/series, same subnet basically.

The reason for such a configuration is that we want the system to work for C1.2 even if root is down, and we want S1 to take the load for its own child. The servers S1, S4 and so on come from different organizations. We want certain services hosted on C1.2 to be available at both root and S1, and at the same time to allow backups of C1.2 at both S1 and root.

Mohit
Tushar
  • Generally you pass traffic between networks by routing it. Bridging is used when you want the interfaces on the _same_ network. That does not sound like what you are wanting to do. – Michael Hampton Dec 29 '13 at 17:50
  • I am a member of the OP's (Tushar's) team. We do want the interfaces on the same network, but we want to allow redundancy as well. The root network and the child networks need to be part of one large network: same network address/series, same subnet basically. The reason for such a configuration is that we want the system to work for C1.2 even if root is down, and we want S1 to take the load for its own child. The servers S1/S4 and so on come from different organizations. We want certain services hosted on C1.2 to be available at both root and S1, and the reverse is also true. I have made the edit to the question. – Mohit Dec 30 '13 at 04:37

1 Answer

0

OpenVPN is the wrong tool for that job. Hire a Network Engineer who works with proper equipment.

Magellan