Menu
▾
▴
Re: [Openvpn-devel] Netmask OpenVPN Server
|
From: Jan J. K. <ja...@ni...> - 2010-08-31 12:51:40
|
Gert Doering wrote: > Hi, > > On Tue, Aug 31, 2010 at 12:35:03PM +0200, Eike Lohmann wrote: > >> In the past only /16 networks were possibel per openvpn instance. >> Is it now possibel to define larger networks or define 2x /16 networks >> on one openvpn instance? >> > > I assume that you're talking about this error message: > > --server directive netmask allows for too many host addresses (subnet must be %s or higher) > > right? If yes, it should work to change > > #define IFCONFIG_POOL_MIN_NETBITS 16 > > in pool.h to "14" (etc) and recompile - every extra bit will double > memory consumption [for the pool handling, of I remember right], so > use with care. > > (You really have more than 16000 users on a single OpenVPN instance? > Wow, I'm impressed!) > alternatively, if you have fewer than 16000 users but want to have a very large network anyways then don't use 'server 10.192.0.0 255.240.0.0' but try something like ifconfig 10.192.0.1 10.192.0.2 ifconfig-pool 10.192.100.100 10.192.100.192 route 10.192.0.0 255.240.0.0 push "route 10.192.0.1" # if client-to-client is not used push "route 10.192.0.0 255.240.0.0" # this is used for client-to-client this sets up the network 10.192.0.0/12 but allocates a much smaller pool for the clients inside this network. HTH, JJK |
