Gentoo + OpenVPN : getting things started in the correct order

I’m running an OpenVPN server, configured in bridging mode.

I had quite a bit of trouble getting OpenVPN to start after networking is up, but before the bridge is set up, so that the tap0 device, which is created by OpenVPN, can be added to the bridge.

The solution is simpler: let the tap0 device be automatically created and added to the bridge by Gentoo Linux, then start OpenVPN with a config file instructing it to use the already created tap0 device.

This post shows the configuration snippets to get things started in the right order on Gentoo.

Here is the /etc/conf.d/net file:

# This blank configuration will automatically use DHCP for any net.*
# scripts in /etc/init.d.  To create a more complete configuration,
# please review /etc/conf.d/net.example and save your configuration
# in /etc/conf.d/net (this file :]!).

config_eth0=( "null" )

tuntap_tap0="tap"
config_tap0="null"

bridge_br0=( "eth0 tap0" )
brctl_br0=( "setfd 0" "sethello 10" "stp on" )
config_br0=( "dhcp" )

depend_br0() {
        need net.eth0 net.tap0
}

This file sets up eth0 (null configuration, so that it doesn’t use DHCP to get configured), creates the tap0 device that will be used by OpenVPN, and creates the bridge br0 from the two devices eth0 and tap0. The depend part ensures that both eth0 and tap0 have been configured by the time the bridge is created.

You have to link this file to /etc/init.d as net.eth0, net.tap0 and net.br0 and add those to the default runlevel like so:

spaghetti init.d # cd /etc/init.d/
spaghetti init.d # ln -s /etc/conf.d/net net.eth0
spaghetti init.d # ln -s /etc/conf.d/net net.tap0
spaghetti init.d # ln -s /etc/conf.d/net net.br0
spaghetti init.d # rc-update add net.eth0 default
 * net.eth0 added to runlevel default
spaghetti init.d # rc-update add net.tap0 default
 * net.tap0 added to runlevel default
spaghetti init.d # rc-update add net.br0 default
 * net.br0 added to runlevel default

Finally, add OpenVPN to the default runlevel as well:

spaghetti init.d # rc-update add openvpn default
 * openvpn added to runlevel default

That’s it. When you restart your server, the devices will be configured in the proper order, and OpenVPN will be started and will use the automatically created tap0 device.

One thought on “Gentoo + OpenVPN : getting things started in the correct order”

  1. This is exactly what I was looking for. The /etc/conf.d/net config is generally good, but the consequent links in /etc/init.d/ are completely wrong. Instead of symlinks to /etc/conf.d/ you should make links to /etc/init.d/ like this:

    ln -s /etc/init.d/net.lo net.eth0   # if it does not exist
    ln -s /etc/init.d/net.lo net.tap0
    ln -s /etc/init.d/net.lo net.br0

    The rest of the configuration looks OK and generally works for me.
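
A post-reboot check for the setup discussed above, as an added example that is not part of the original post or comment: it verifies that the net.* services are symlinks to net.lo (as the comment says they should be), that eth0 and tap0 are ports of br0, and that OpenVPN names the pre-created device. The function name, the OpenVPN config path and the `dev tap0` line it looks for are assumptions, since the post does not show its OpenVPN configuration.

```shell
#!/bin/sh
# Added example: consistency check for the bridged OpenVPN setup.
# $1 = filesystem root ("/" on a live host, or a constructed tree for testing)
# $2 = OpenVPN config path relative to the root (assumed; not given on the page)

check_bridge_order() {
    root=${1:-/}
    conf=${2:-etc/openvpn/openvpn.conf}
    rc=0

    # 1. Each net.<if> service must be a symlink to the net.lo init script,
    #    not to /etc/conf.d/net (which is configuration, not a service).
    for ifname in eth0 tap0 br0; do
        link="$root/etc/init.d/net.$ifname"
        if [ ! -L "$link" ]; then
            echo "FAIL: $link is not a symlink"; rc=1
        else
            target=$(readlink "$link")
            case "${target##*/}" in
                net.lo) ;;
                *) echo "FAIL: net.$ifname -> $target (expected net.lo)"; rc=1 ;;
            esac
        fi
    done

    # 2. Both devices must already be ports of br0 (sysfs lists bridge ports).
    for port in eth0 tap0; do
        [ -e "$root/sys/class/net/br0/brif/$port" ] ||
            { echo "FAIL: $port is not a port of br0"; rc=1; }
    done

    # 3. OpenVPN must name the pre-created device. A bare "dev tap" lets
    #    OpenVPN pick a device dynamically, which need not be the bridged tap0.
    if ! grep -Eq '^[[:space:]]*dev[[:space:]]+tap0([[:space:]]|$)' \
            "$root/$conf" 2>/dev/null; then
        echo "FAIL: $conf does not contain 'dev tap0'"; rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: net.* links, br0 ports and OpenVPN device agree"
    return "$rc"
}

# Usage on a live host: check_bridge_order /
```

A non-zero return means at least one of the three conditions failed; each failure is printed on its own line.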
