[Noisebridge-discuss] Bridging & routing used with VPNs.
Jonathan Lassoff
jof at thejof.com
Wed Apr 21 17:30:32 UTC 2010
Excerpts from Jason Dusek's message of Wed Apr 21 10:18:29 -0700 2010:
> I'd like to set up a VPN server and then cause all traffic
> from my laptop to go through the VPN.
>
> As step 2, I would want to ensure that only "non-local"
> traffic went through the VPN.
>
> Is there any reason to prefer bridging to routing in this
> scenario? It seems that bridging would bind the laptop NIC
> to a tun/tap device which is bound to a NIC on the server.
> This would prevent me from being able to handle local
> traffic differently from non-local traffic, if I understand
> it right.
I believe that you can accomplish what you're talking about with either a
routing or a bridging setup.
The only reason I could see to use bridging is if you want to talk
non-IP protocols or broadcast/multicast over your "VPN".
For example, if you have multiple hosts connected to your private
network that you want to have resolve each others' names with MDNS, you
might consider a bridged connection.
I suppose it will depend on how you're connecting your VPN, but a
bridging setup will have a slightly higher overhead (transferring
link-layer headers), so I would use routing unless there's a compelling
reason to bridge.
Cheers,
jof