Open Stack

Hi Egoitz,

As far as the security is concerned, it should be no issue on it as long as
it's no clear text transmitted.

These questions would be sorta architecture level. I sure named the mail
subject with a big question mark. (Seemingly it's too big :(.) I'd like to
clear my concerns which couldn't be easy to be found by google in a couple
of days.

That reminds me the fourth question, can the tunnel bases on openvpn be
used as disaster recovery or remote backup? I guess the performance
wouldn't be high enough to support this. So the purpose of openvpn would
only be remote management.

All the questions in the mail are not positive yet. Please let me know your
points.

Regards,
Howard

On Tue, Oct 23, 2012 at 10:00 PM, Egoitz Aurrekoetxea Aurre <
egoitz at ramattack.net> wrote:

> Good afternoon Hao,
>
> I think it's pretty nice Openstack guys to have selected OpenVPN as
> cloudpipe vpn server… basically unless IMHO it's of the best vpn servers… I
> would trust on it for securing any connection…. have you ever played with
> it??
>
> Regards,
>
> El 23/10/2012, a las 02:06, Hao Wang <hao.1.wang at gmail.com> escribió:
>
> Hi guys,
>
> I didn't see the mail after I sent it out. This may be lost somewhere in
> the mailgroup before.
>
> I've noticed there is a discussion regarding if the community should
> purchase public MAC OUI to provide vpn service incase the private sites
> have the default MAC assignments. I googled but didn't reach out any useful
> material to address my concern. Have you got the similar question ever on
> your mind?
>
> First, why we use openvpn? I know it's kind of arch question, like how to
> choose a right opensource software. On the other way, please let me know
> your point why we don't choose IPSEC or other VPNs.
>
> Secondly, what the scenario is it to avoid assigning the default MAC
> addresses? Is it site-to-site or for an alone PC to access back to private
> LAN?
>
> Thirdly, if default MAC assignment only influences L2 VPN in terms of
> site-to-site access, what about IPSEC or SSL VPN? To my understanding, the
> packets unencapped at the edge of destination network, they are going to
> face the similar issue no mather what kind of VPN is, source and dest MAC
> addresses are on the same network and it makes network devices confused.
>
> Really appreciate your any input.
>
> Thanks,
> Howard
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20121023/d0d00cc3/attachment.html>