[lime-users] back to vpn

Pau pau at dabax.net
Thu May 11 17:01:35 UTC 2017


On 09/05/17 15:20, bruno vianna wrote:
> so, as i had mentioned to nicolas some time ago, i'd like to encrypt
> and tunnel the whole traffic of a local network and would like to try
> do it in a raspi.
> 
> i actually tried this configuration and it works really well. i made a
> post in portuguese [1], based on this [2]. all traffic routed to the
> raspi is sent over to a openvpn server. i actually changed the dhcp
> server on a openwrt router to give out the raspi address as gateway to
> all clients in the network, making the whole thing transparent to the
> users.
> 
> now the question is, of course, how to get this working in libre-mesh?
> simply changing the /etc/config/dhcp didn't work, since alfred seems
> to be the one filling dhcp requests.
> 
> also, there seems to be two approaches: this first one would be to
> change the gateway in the clients when they receive the dhcp lease.
> the other would be to keep the localnode gateways (x.x.0.1) and route
> the traffic from them to the raspi.
> 
> then there is also the issue of having more than one exits to the
> internet. right now the raspi is hardwired to the actual exit gateway
> (outside libre-mesh). but it could be automagically updated to use the
> best exit. it also nice to have the raspi physically close to the
> exit, so that that less internal bandwidth is wasted.
> 
> any thoughts? thanks!

So, if I understand correctly you want a do something like this:

AP clients -> Mesh nodes -> RasPi -> Mesh gateway -> Internet

Instead of:

AP clients -> Mesh nodes -> Mesh gateway -> Raspi -> Internet

To set the last, it is transparent to libremesh (since the Raspi is not
inside the mesh network). But for the first, I find it hard to integrate
into libremesh... the easiest would be to do something like:

Ap clients -> Raspi -> Mesh nodes -> Mesh gateway -> Internet

I'm not sure if I'm helping at all actually :/

> bruno
> 
> 
> 
> 
> 
> [1]http://www.brunovianna.net/documenta/?p=93
> [2]https://gist.github.com/superjamie/ac55b6d2c080582a3e64
> 

-- 
./p4u

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.libremesh.org/pipermail/lime-users/attachments/20170511/ad213c73/attachment.sig>


More information about the lime-users mailing list