Menu
▾
▴
Re: [Openvpn-users] address pool starting at .32 or .64
|
From: Josh C. <jos...@us...> - 2008-05-13 12:44:17
|
Bonno Bloksma wrote: > I want OpenVPN to start using addressen from the 172.16.1.0 network. > However, I want it to start at 172.16.1.32, not at 172.16.1.1 because > I need those lower numbers for something else. I'm unclear on what you want. Is the entire 172.16.1.0/24 network supposed to be the VPN network where .1 through .31 are reserved for other devices connected to the VPN? If this is your goal you can expand the server helper-directive and set your own ifconfig-pool range and server IP address. Can you clarify what you mean by "need those lower numbers for something else" ? Is this something else still going to be devices on the OpenVPN network, or is this need a separate physical subnet? > A server line can have one network and mask but that would limit me > in the amount of addresses I can hand out. > Server 172.16.1.32 255.255.255.224 > wil only give me .32 through .63 > Server 172.16.1.64 255.255.255.192 > wil only give me .64 through .127 > The line > Server 172.16.1.64 255.255.255.192 > wil give me the most addresses .128 through .255 but that leaves > nearly half of the range unsued. > > Is there a way to tell openvpn to exclude a certain range or is there > a way to tell openvpn to use several (connecting) parts by using, for > instance, more than one server line to combine ranges? > > If none of this is possible..... I can live with that for a while but > it might be a good idea for a next realease. You can't do what you propose in a single subnet; this isn't an OpenVPN limitation, but a standard network requirement. All networks must be defined by the network and a network mask, so you can't just choose arbitrary address ranges to serve as a network. To connect different networks together you need routers that are aware of each others networks and how to route traffic to the proper destinations. -- Josh |
