From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-148298-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 7A76A1381F3
	for <garchives@archives.gentoo.org>; Thu, 27 Jun 2013 06:43:59 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id E7A0AE094C;
	Thu, 27 Jun 2013 06:43:42 +0000 (UTC)
Received: from mail-wi0-f182.google.com (mail-wi0-f182.google.com [209.85.212.182])
	(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 991C3E086F
	for <gentoo-user@lists.gentoo.org>; Thu, 27 Jun 2013 06:43:41 +0000 (UTC)
Received: by mail-wi0-f182.google.com with SMTP id m6so258451wiv.3
        for <gentoo-user@lists.gentoo.org>; Wed, 26 Jun 2013 23:43:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=FbB/h/Nb9b68Uf+ql010FqtDxP6vpd5mBfx/xiF2ZMc=;
        b=h6jXzIEhl5oVDCjvF4KJlDedLQYqmIAb3jVrM/UPST+YT/1pteI2ZpT5B77W221vZD
         ndMLbQ9Kky0FkElnGpH/Bi7n0TfMfS+BBAlSljZ30Z/kRYSEP5FaKFlJF32PoTdBcGQs
         HosSKRzCnphMdGsdcuYE72+IX42ihBP8slY0b3cydEx6ohTNmqf5EHl5s2YeE89dleG5
         2MBPRreW5f5dQsH+Jl0VYQh1pAsc4eXtmb4VExJmYXDEO4qzIr/Fo0ihsOsotwCK0Mwi
         wf9FDwFugN8eYnDN4+TQ2mLaa/oXx31EA1RKmhyr8m2yQE0oDfdx4X1tpMvADoPX3jV3
         S2Aw==
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
X-Received: by 10.194.120.7 with SMTP id ky7mr5063139wjb.89.1372315420278;
 Wed, 26 Jun 2013 23:43:40 -0700 (PDT)
Received: by 10.194.46.99 with HTTP; Wed, 26 Jun 2013 23:43:40 -0700 (PDT)
In-Reply-To: <df94a09d961f7014f60d0af4a61bb067.squirrel@www.antarean.org>
References: <CAN0CFw1auieieHD83Lkh680ZF+y23GO1Yx8dsV1ZMJm01o81cA@mail.gmail.com>
	<8212218a5d006a714030e99a3fe5ebab.squirrel@www.antarean.org>
	<CAN0CFw1pRoHEcQevJeM6_d7vbpQ1XfABE_8oqRU1CcZDhLYP7A@mail.gmail.com>
	<d395e8cf0e5108653f7b73308b1a5548.squirrel@www.antarean.org>
	<CAN0CFw3VTxB54vR2M_2tQLvehf3rtrVzVEj31L4rdguET0fAkQ@mail.gmail.com>
	<af82930c-9716-4668-a55f-cc5a21089b12@email.android.com>
	<df94a09d961f7014f60d0af4a61bb067.squirrel@www.antarean.org>
Date: Wed, 26 Jun 2013 23:43:40 -0700
Message-ID: <CAN0CFw3KzWVAWpAUCC2OEeVM5gbHYypZ_sAKtEPqF8FNhQQ5GQ@mail.gmail.com>
Subject: Re: [gentoo-user] {OT} Incorporating openvpn in backup scheme
From: Grant <emailgrant@gmail.com>
To: gentoo-user@lists.gentoo.org
Content-Type: text/plain; charset=ISO-8859-1
X-Archives-Salt: 80eb93f0-5e04-48a4-af2e-a2bdfd2d49ed
X-Archives-Hash: 12fada6f8e8573f1bee23ea78f54476e

>>>>>>> I have several remote systems all pushing backups to my local
>>>laptop
>>>>>>> via rdiff-backup.  Sometimes when on the road I find myself behind
>>>a
>>>>>>> router and the remote systems are unable to push.  Is openvpn the
>>>>>>> right solution here?  Should I run a separate openvpn server on
>>>each
>>>>>>> system to be backed up with my laptop as the client?
>>>>>>
>>>>>> If you can configure the router to forward the port used by the
>>>OpenVPN
>>>>>> server to your laptop, you can run the server on your laptop.
>>>>>
>>>>> I can't rely on being able to configure the router unfortunately,
>>>but
>>>>> I have to admit admin/admin does work a lot of the time.
>>>>>
>>>>>> But, as is more likely, when you can not configure the router,
>>>running
>>>>>> an
>>>>>> OpenVPN server on (at least one) remote system and having your
>>>laptop
>>>>>> connect to that, you can have the other systems push to your laptop
>>>over
>>>>>> the VPN-link.
>>>>>> Either directly (by establishing multiple VPN-links from your
>>>laptop
>>>>>> (one
>>>>>> to each server) or via one of the remote systems.
>>>>>
>>>>> So I'm sure I understand, I should run the openvpn server on one of
>>>my
>>>>> remote systems and connect to that with each of the other remote
>>>>> systems and the laptop.  Then I can back up from any of the remote
>>>>> systems to the laptop and all the laptop needs to be able to do is
>>>>> make an outbound connection to the openvpn server?
>>>>
>>>> 2 options:
>>>> 1) OpenVPN on every remote system and have laptop connect to all
>>>remote
>>>> systems for the backup
>>>>
>>>> 2) OpenVPN on 1 remote system (configured as router for the
>>>VPN-links)
>>>>  - laptop and other remote systems connect to this remote system
>>>>  - backup are sent to laptop via this one remote system
>>>
>>>#2 sounds cooler.  Is that what you'd do?
>>>
>>>- Grant
>>
>> Yes.
>> With the VPN server being at my home network.
>
> Need to add to this:
> Option #2 has a few downsides:
> 1) The system running the VPN-server will have a lot more bandwidth
> utilisation. (Backups for other systems will go through the link this one
> has)
> 2) If that system is down, none of the other systems can be accessed via VPN.
>
> For me the downsides don't count as the server can be accessed really
> easily and I pay the same for my home internet connection when I use it or
> don't use it.

Convinced.  Thank you for your help.

- Grant