Bind address for attachment points #442
Comments
|
This is indeed a missing feature in the user interface. The admin panel in the background does support defining this bind address, so if you reach out to the scionlab admins, they should be able to help you with a quick workaround. As far as I can tell, the configuration generated for the openvpn server does not take this into account, though. As a workaround, this can be fixed manually in the generated openvpn server configuration file; the |
|
Thanks for the insights, @matzf. It's nothing urgent, for my use case I was able to work around this limitation (e.g., by modifying the OpenVPN setting manually). I'm happy to contribute a fix if there is interest. 🙂 |
|
Aha sure, I've already created a PR in the meantime. This was the second time this question came up, so I figured it should just be fixed. Note that I'm also "just" an outside contributor and no-longer officially working on SCIONLab. |
When setting up a SCIONLab AS, it is possible to define a bind address that is different from the public address to support NATed setups.
However, this is only possible for the upstream link to the parent. When making the AS an attachment point, setting a separate bind address for child links is not possible, thus prohibiting setting up NATed attachment points.
This affects both the topology file and the VPN server configuration.
The text was updated successfully, but these errors were encountered: