Hi Egoitz,<div><br></div><div>As far as the security is concerned, it should be no issue on it as long as it's no clear text transmitted.</div><div><br></div><div>These questions would be sorta architecture level. I sure named the mail subject with a big question mark. (Seemingly it's too big :(.) I'd like to clear my concerns which couldn't be easy to be found by google in a couple of days. </div>
<div><br></div><div>That reminds me the fourth question, can the tunnel bases on openvpn be used as disaster recovery or remote backup? I guess the performance wouldn't be high enough to support this. So the purpose of openvpn would only be remote management.</div>
<div><br></div><div>All the questions in the mail are not positive yet. Please let me know your points.</div><div><br></div><div>Regards,</div><div>Howard</div><div><br><div class="gmail_quote">On Tue, Oct 23, 2012 at 10:00 PM, Egoitz Aurrekoetxea Aurre <span dir="ltr"><<a href="mailto:egoitz@ramattack.net" target="_blank">egoitz@ramattack.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">Good afternoon Hao,<div><br></div><div>I think it's pretty nice Openstack guys to have selected OpenVPN as cloudpipe vpn server… basically unless IMHO it's of the best vpn servers… I would trust on it for securing any connection…. have you ever played with it??</div>
<div><br></div><div>Regards,</div><div><br><div><div><div>El 23/10/2012, a las 02:06, Hao Wang <<a href="mailto:hao.1.wang@gmail.com" target="_blank">hao.1.wang@gmail.com</a>> escribió:</div><br><blockquote type="cite">
<div><div class="h5"><span style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">Hi guys,</span><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">
<br></div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">I didn't see the mail after I sent it out. This may be lost somewhere in the mailgroup before.</div>
<div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif"><br></div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">
I've noticed there is a discussion regarding if the community should purchase public MAC OUI to provide vpn service incase the private sites have the default MAC assignments. I googled but didn't reach out any useful material to address my concern. Have you got the similar question ever on your mind? </div>
<div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif"><br></div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">
First, why we use openvpn? I know it's kind of arch question, like how to choose a right opensource software. On the other way, please let me know your point why we don't choose IPSEC or other VPNs.</div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">
<br></div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">Secondly, what the scenario is it to avoid assigning the default MAC addresses? Is it site-to-site or for an alone PC to access back to private LAN?</div>
<div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif"><br></div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">
Thirdly, if default MAC assignment only influences L2 VPN in terms of site-to-site access, what about IPSEC or SSL VPN? To my understanding, the packets unencapped at the edge of destination network, they are going to face the similar issue no mather what kind of VPN is, source and dest MAC addresses are on the same network and it makes network devices confused.</div>
<div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif"><br></div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">
Really appreciate your any input.</div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif"><br></div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">
Thanks,</div><div style="color:rgb(34,34,34);font-size:13px;font-family:arial,sans-serif">Howard</div></div></div>
_______________________________________________<br>Mailing list: <a href="https://launchpad.net/~openstack" target="_blank">https://launchpad.net/~openstack</a><br>Post to : <a href="mailto:openstack@lists.launchpad.net" target="_blank">openstack@lists.launchpad.net</a><br>
Unsubscribe : <a href="https://launchpad.net/~openstack" target="_blank">https://launchpad.net/~openstack</a><br>More help : <a href="https://help.launchpad.net/ListHelp" target="_blank">https://help.launchpad.net/ListHelp</a><br>
</blockquote></div><br></div></div></div></blockquote></div><br></div>