How to implement a Bridged OpenVPN solution :: Ubuntu :: iTunes

post Category: Code, Internet — Chris @ 7:10 pm — post
postOctober 10, 2006

This article has primarily been written to allow other users to share their iTunes playlists from outside their local LAN. I write this entry not to cover the initial setting up of OpenVPN, there’s plenty documentation to aid you here, but rather the implementation of a bridged solution for OpenVPN. Whilst a routed approach scales better, Windows users will find themselves unable to resolve NetBIOS names - a critial part of iTunes’ successful operation across a LAN.

We aren’t even able to use a WINS Server to assist us here, as broadcast packets need to traverse across different LAN’s - impossible using a routed OpenVPN. No, we must configure a VPN solution deployed to use a bridged adapter, allowing full NetBIOS name resolution.

  1. Install the bridge utilities. Without this package, our solution will not work.

  2. Create a file called openvpn-bridge within /usr/local/bin/. Paste this shell code into the newly created file. Remember, if using VIM to ‘:set paste‘. 

    #!/bin/bash

# Define Bridge Interface
br="br0"

# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"

# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0"

eth_ip=".."
eth_netmask=".."
eth_broadcast=".."
gw=".."

case "$1" in
  start)
  for t in $tap; do
      openvpn --mktun --dev $t
  done

  brctl addbr $br
  brctl addif $br $eth

  for t in $tap; do
      brctl addif $br $t
  done

  for t in $tap; do
      ifconfig $t 0.0.0.0 promisc up
  done

  ifconfig $eth 0.0.0.0 promisc up

  ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
  route add default gw $gw
  ;;
  stop)
  ifconfig $br down
  brctl delbr $br

  for t in $tap; do
      openvpn --rmtun --dev $t
  done
  ifconfig $eth $eth_ip netmask $eth_netmask broadcast $eth_broadcast
  route add default gw $gw
  ;;
  *)
  echo "usage openvpn-bridge {start|stop}"

  exit 1
  ;;
esac
exit 0
# < ---END--->

Pages: 1 2 3

« Stopping O2 from disclosing your network location
Help! iTunes wont play my AAC files remotely?! »

1 person has left a comment

#1

Hi.

First of all - thanks for this great tutorial.

I have a bridged connection to my openvpn server and everthing works fine, but i can\’t see the mt-daapd library on my macbook pro itunes.

Appletalk works and ping although.

Do you know a solution for this problem? Is it is possible, that apple changed something in the new itunes 7.1.1?

ChrizDee

ChrizDee wrote on May 25, 2007 - 11:33 pm
You can leave a response, or trackback from your own site.

Write Your Comment

Comment Guidelines: Basic XHTML is allowed (a href, strong, em, code). All line breaks and paragraphs will be generated automatically.

You should have a name, right? 
Your email address, I promised I won't tell it to anyone. 
If you have a web site or blog, you can type the URL right here. 
This is where you type your comments. 
Remember my information for the next time I visit.
 

This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)

You must read and type the 4 chars within 0..9 and A..F, and submit the form.

  

Oh no, I cannot read this. Please, generate a