[OLSR-users] LQ, HNA and NAT

aaron (spam-protected)
Thu Feb 10 01:32:19 CET 2005

I would like to elaborate a bit on OpenVPN tunnels to a single NAT 

Why do we have it:
   no better solution so far

Why is it bad:

2) single point of control - (politically bad :)

Let me elaborate on this a bit, with our setup:

    A --> OpenVPNgw1  -- tunnel over cable --> OpenVPN server + OLSR   
<--- OLSR client C
    B --> OpenVPNgw2  --- tunnel over cable --> - |

OpenVPNgw1 will get default routes via OpenVPN server (runing OLSR)
Therefore It can only have a static host route to the OpenVPN server 
via its only next hop (which used to be its default gw)
--> When the OpenVPN server is down (like it was today) , you cannot 
reach the OpenVPNgw anymore from somewhere else

in numbers (intentionally changed a bit):


OpenVPN server:


routing tbl in OpenVPNgw1:

dest             gw  (<- this used to be the default router)  (<- this came from OLSR)

So you can see, if is down for some reason, the OpenVPNgw 
is also "down".

I thought about this problem a bit and - yes i do believe we need NAT 
as long as we dont have IPv6 everywhere,
but on the other hand it would definitely make sense to have some kind 
of fail-over behavior between inet gws.
Something like multicasting NAT entries is also not nice on the other 

Question: Can anybody see a problem with giving official IPs to "last" 
hops only? Then the "inbetween nodes" can have internal IPs, everybody 
would "talk" to HNA nets/hosts only and NAT can be abandoned.
How would the routing tables grow? Every HNA entry in every inbetween 
node as extra info? Doubling the routing entries?


More information about the Olsr-users mailing list