LPIC-2 - Exam 202 (part 2 of 2), version 4.5 202-450 Question # 12 Topic 2 Discussion
202-450 Exam Topic 2 Question 12 Discussion:
Question #: 12
Topic #: 2
Which of the following OpenVPN configuration options makes OpenVPN forward network packets between VPN clients itself instead of passing the packets on to the Linux host which runs the OpenVPN server for further processing?
The client-to-client option in OpenVPN enables the VPN server to forward packets between VPN clients internally, without sending them to the IP layer of the host system. This means that the host networking stack does not see or process the client-to-client traffic at all. This option can improve the performance and efficiency of the VPN, as well as reduce the load on the host system. However, it also means that the VPN server cannot apply any firewall rules or routing policies to the client-to-client traffic, as it would if the traffic passed through the host IP layer. Therefore, this option should be used with caution and only when the VPN clients are trusted and isolated from other networks. References:
OpenVPN 2.x HOWTO, section “Client-to-client”
OpenVPN 2.4 man page, option “–client-to-client”
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit