← Back to team overview

openstack team mailing list archive

Why OpenStack use openvpn?

 

Hi guys,

I didn't see the mail after I sent it out. This may be lost somewhere in
the mailgroup before.

I've noticed there is a discussion regarding if the community should
purchase public MAC OUI to provide vpn service incase the private sites
have the default MAC assignments. I googled but didn't reach out any useful
material to address my concern. Have you got the similar question ever on
your mind?

First, why we use openvpn? I know it's kind of arch question, like how to
choose a right opensource software. On the other way, please let me know
your point why we don't choose IPSEC or other VPNs.

Secondly, what the scenario is it to avoid assigning the default MAC
addresses? Is it site-to-site or for an alone PC to access back to private
LAN?

Thirdly, if default MAC assignment only influences L2 VPN in terms of
site-to-site access, what about IPSEC or SSL VPN? To my understanding, the
packets unencapped at the edge of destination network, they are going to
face the similar issue no mather what kind of VPN is, source and dest MAC
addresses are on the same network and it makes network devices confused.

Really appreciate your any input.

Thanks,
Howard

Follow ups