Hi all,

I'm trying to get two embedded devices to communicate over a site-to-site VPN. I have a RUT950 as an L2TP server and a RUT240 as a client. They're on 192.168.1.1/24 and 192.168.2.1/24. I've got the routing between the two subnets working, but I also need multicast to work for one of the embedded devices (the "main controller", 192.168.1.105) to discover the other one (the "remote device", 192.168.2.110).

The manual for my devices says "Discovery of Remote Devices, from Designer or a controller, is achieved using multicast traffic with the 239.192.38.8 multicast group (...) Each remote Device in the system must have an IP Address in the same range as the controllers in the project. This TCP connection is used for all communications with the controller, once the discovery process has been completed using multicast." ("Designer" is their programming software.)

I must admit I don't really fully grasp how multicast works, but I think the concept in this case is that either the main controller or the Designer software sends "something" to 239.192.38.8, and that all remote devices reply from their respective IPs ... right?

I tried adding a static route on the RUT950: interface is the L2TP if, destination IP 239.192.38.8/32 (also tried 239.192.0.0/14), gateway is the RUT240's virtual L2TP IP. That did not work. I've tried to read up on this and I get the impression it's more complicated, but I can't quite figure out where to begin with this.

Any hints? I don't necessarily need to use L2TP, any other kind of VPN is also OK.

EDIT: tried the same thing with PPTP, no luck.

EDIT 2: after further research I think maybe OpenVPN in TAP mode should work. I've realised that the problem is that multicast (and broadcast) is difficult to route across L3 (makes sense), but OpenVPN TAP is L2. I'm ok with having both sites on the same subnet (actually it's better). I'm out of office now, but is there anything in particular I should be aware of when I get back to test this? Are there any other L2 VPN protocols that are worth knowing about?

1 Answer

Hi,

I would imagine that for such a use case it's easier to use VPNs that do not require manual configuration each time you want to add a device to the "accessible list".

In your use case OpenVPN TAP should really do the trick, as the devices will communicate as if in the same local network at the L2 layer.

Also, you could try ZeroTier which does not require tinkering at all and it also supports L2.

It seems that for multicast to work, devices just have to see everything in L2. (Make sure you disable all DHCPs, DNS advertisements and other services that work over the subnet, because they could cause IP conflicts and other services to stop working.)

EB.
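
A way to check whether the 239.192.38.8 group actually crosses the tunnel once an L2 VPN is up, added here as an example and not part of the original thread: run it in `listen` mode on a host at one site and in `send` mode on a host at the other. The UDP port and the payload are assumptions (placeholders), since the thread does not say which port the devices use.

```python
"""Multicast reachability probe (added example; port and payload are assumptions)."""
import ipaddress
import socket
import struct
import sys

GROUP = "239.192.38.8"  # discovery group quoted from the device manual
PORT = 50000            # ASSUMPTION: placeholder, the real port is not given in the thread
PROBE = b"mcast-probe"  # constructed test payload, not the vendor's discovery message


def build_mreq(group: str, local_ip: str) -> bytes:
    """Build the ip_mreq struct; joining with it makes the host emit an IGMP report on local_ip."""
    if not ipaddress.ip_address(group).is_multicast:
        raise ValueError(f"{group} is not a multicast address")
    return struct.pack("4s4s", socket.inet_aton(group), socket.inet_aton(local_ip))


def listen(local_ip: str, timeout: float = 30.0):
    """Join GROUP on the interface owning local_ip; return (sender_ip, data) or None on timeout."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind(("", PORT))
    s.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, build_mreq(GROUP, local_ip))
    s.settimeout(timeout)
    try:
        data, peer = s.recvfrom(1500)
        return peer[0], data
    except socket.timeout:
        return None
    finally:
        s.close()


def send(local_ip: str, ttl: int = 1) -> int:
    """Send one probe from the interface owning local_ip; a TTL of 1 is not forwarded by routers."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF, socket.inet_aton(local_ip))
    try:
        return s.sendto(PROBE, (GROUP, PORT))
    finally:
        s.close()


if __name__ == "__main__":
    # usage: probe.py listen|send <local-ip>
    mode, local_ip = sys.argv[1:3]
    print(listen(local_ip) if mode == "listen" else send(local_ip))
```

If the listener receives the probe with the default TTL of 1, the two sites share an L2 segment for this group; if it times out, the tunnel is still routing rather than bridging, or something on the path is filtering multicast.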