From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <aenertia@aenertia.net>
Received: from mail-lb0-x22d.google.com (mail-lb0-x22d.google.com
	[IPv6:2a00:1450:4010:c04::22d])
	(using TLSv1 with cipher RC4-SHA (128/128 bits))
	(Client CN "smtp.gmail.com",
	Issuer "Google Internet Authority G2" (verified OK))
	by huchra.bufferbloat.net (Postfix) with ESMTPS id 1045321F3F7
	for <cerowrt-devel@lists.bufferbloat.net>;
	Thu,  2 Oct 2014 19:33:54 -0700 (PDT)
Received: by mail-lb0-f173.google.com with SMTP id 10so276916lbg.18
	for <cerowrt-devel@lists.bufferbloat.net>;
	Thu, 02 Oct 2014 19:33:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=aenertia.net; s=dkimaenertianet;
	h=mime-version:sender:in-reply-to:references:from:date:message-id
	:subject:to:cc:content-type:content-transfer-encoding;
	bh=l+NDa9NLjEEPKZEHo9WsmHXC7jZEuSwE+L5Orrx6T+4=;
	b=GDRL6X/J2NdRS1vwgzBJs/3Frx4XMnB+tNxAW5AC+ONVtXC5SDO+sIDnqwE8Zkz79/
	ggtzS+HmXhPKTjRkbpqkPMQEHYpgKyaeOXXtUvTPoLes3o2JQrrOKXcey3j4DkcN1nPi
	fizcxrOSU6jsLR2Flrz2p/MA5KizoxJdpTLDY=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
	:date:message-id:subject:to:cc:content-type
	:content-transfer-encoding;
	bh=l+NDa9NLjEEPKZEHo9WsmHXC7jZEuSwE+L5Orrx6T+4=;
	b=PL46AYOSYIH1404Xw9/zbvIJdVr5tGWsYkJ35oc8xsJld9W4YgNuUGg7CBnfbInPZy
	Q2BZTh57n10GKGEl/PR/NTQwW6UOlgJ+5hYCYIghFFNmkZX8nMaT29X8dHvNCjSbvPpH
	1rIkjklv7yRdZkYtDQXHoPtcZSFmKEnGbWgfw720LDTCA4bCp9vM/zfnj8mMOEaDJwTD
	SpzGhelgFcbNeJy5Dzq1ujuyd24PlB6PCSe5WdZtNxQTJN+YLZuoq7Foj/qjM9MknP0B
	I79sjd5cHSdmY3Z/BqsYzYzx4oDf61lQLj8RSevZltRIeYcNcpC6ZrHZnDe8PlZCXkjg
	fX6Q==
X-Gm-Message-State: ALoCoQlXW6OdXo7eFT9bYQrnrItfHQ2sVXepmcP+QU/ScswnIdTqQ/SeM5AYzvuCSVHTdGkBOUiE
X-Received: by 10.152.7.145 with SMTP id j17mr2282162laa.77.1412303631922;
	Thu, 02 Oct 2014 19:33:51 -0700 (PDT)
MIME-Version: 1.0
Sender: aenertia@aenertia.net
Received: by 10.25.16.220 with HTTP; Thu, 2 Oct 2014 19:33:31 -0700 (PDT)
In-Reply-To: <CAKiAkGRVLi_KpG0YyvQV5oOuoxyv8CorGfNCB1uSPCpZL0p8+g@mail.gmail.com>
References: <542DFCCA.7080708@eggo.org>
	<CAKiAkGRVLi_KpG0YyvQV5oOuoxyv8CorGfNCB1uSPCpZL0p8+g@mail.gmail.com>
From: =?UTF-8?Q?Joel_Wir=C4=81mu_Pauling?= <joel@aenertia.net>
Date: Fri, 3 Oct 2014 15:33:31 +1300
X-Google-Sender-Auth: 7-S4tiRNH-uFMfVMFLoDM8rmLJI
Message-ID: <CAKiAkGRNqrm9WEKyvuG8ZKniBVzxOi+U65CTF=KhJXc_-0HE1g@mail.gmail.com>
To: "Eric S. Johansson" <esj@eggo.org>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Cc: cerowrt-devel <cerowrt-devel@lists.bufferbloat.net>
Subject: Re: [Cerowrt-devel] vpn fw question
X-BeenThere: cerowrt-devel@lists.bufferbloat.net
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Development issues regarding the cerowrt test router project
	<cerowrt-devel.lists.bufferbloat.net>
List-Unsubscribe: <https://lists.bufferbloat.net/options/cerowrt-devel>,
	<mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=unsubscribe>
List-Archive: <https://lists.bufferbloat.net/pipermail/cerowrt-devel>
List-Post: <mailto:cerowrt-devel@lists.bufferbloat.net>
List-Help: <mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=help>
List-Subscribe: <https://lists.bufferbloat.net/listinfo/cerowrt-devel>,
	<mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=subscribe>
X-List-Received-Date: Fri, 03 Oct 2014 02:34:23 -0000

Somewhat related question. Is anyone successfully using VxLANs in
Toronto release?

On 3 October 2014 15:24, Joel Wir=C4=81mu Pauling <joel@aenertia.net> wrote=
:
> I.e Your topology looks like this :
>
> [(Remote LAN) - VPN Client]---[INTERNET]---(Local LAN)[WAN][LAN][REMOTE-L=
AN])
>
> Your Local LAN knows nothing about Remote LAN and Vice versa. There is
> just a single Inteface/Client member that is a member of REMOTE-LAN.
> So to get traffic from Local LAN to Remote LAN all Local-LAN traffic
> needs to be masqueraded to that Single interface.
>
>
> -Joel
>
>
>
> On 3 October 2014 14:32, Eric S. Johansson <esj@eggo.org> wrote:
>> I was trying to setup my cerowrt box as an openvpn client. everything se=
ems
>> to be working. The VPN link comes up, tun0 is created. I can access mach=
ines
>> on the far end of the link from the AP and vice versa. the openwrt
>> incantation for the vpn says to create an interface called vpn0
>>
>> network.vpn0=3Dinterface
>> network.vpn0.proto=3Dnone
>> network.vpn0.ifname=3Dtun0
>>
>> ifconfig says  tun0 exists  but no vpn0. fw3 reload says:
>>
>> Warning: Section @zone[1] (lan) cannot resolve device of network 'lan'
>> Warning: Section @zone[2] (guest) cannot resolve device of network 'gues=
t'
>>
>> sometimes it says: Warning: Section @zone[1] (lan) cannot resolve device=
 of
>> network 'vpn0'
>>
>> tcpdump sees the ICMP request at se00 and tun0 but not at the remote tar=
get.
>> this leads me to believe that it's probably a firewall problem but I don=
't
>> know where the logs are.
>>
>> This brings me to one of the problem with had making changes in cerowrt,
>> namely, how the $##$& do you debug this thing? I've had to reflash this =
box
>> way too many times because I did something that effectively bricked it.
>> right now, I would settle for knowing where to find where logs are put.
>>
>> thanks
>> --- eric
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> Cerowrt-devel mailing list
>> Cerowrt-devel@lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/cerowrt-devel