Technical data

4. Packages
an additional DNS server) it will be assumed that a DNS server is listening on the IP of the
other end of the tunnel (see OPENVPN_x_REMOTE_VPN_IP (Page 166)). On the remote router
incoming DNS queries have to be allowed in this case (e.g. via
OPENVPN_x_INPUT_y='tmpl:dns ACCEPT').
OPENVPN_x_ROUTE_x_DOMAIN Default: OPENVPN_x_ROUTE_x_DOMAIN=''
Different subnets can have different domains assigned. One corresponding domain can be
configured per OPENVPN_x_ROUTE_y. If an OPENVPN_x_ROUTE_y_DNSIP exists for the domain,
it will be used; otherwise the one set in OPENVPN_x_DNSIP is used. The effect is the same
as with OPENVPN_x_DOMAIN, but this method allows better documentation.
OPENVPN_x_DNSIP Default: OPENVPN_x_DNSIP=''
If the tunnel end point is not the appropriate DNS server, set the IP of the appropriate
one here. If this is empty, the one at OPENVPN_x_REMOTE_VPN_IP (Page 166) will be used.
OPENVPN_x_ROUTE_x_DNSIP Default: OPENVPN_x_ROUTE_x_DNSIP=''
Multiple routed subnets can also have different DNS servers; define one per
OPENVPN_x_ROUTE_x (Page 168) here.
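The lookup order described above, as an added example (not fli4l's own start script): a shell function that lists which DNS server ends up serving each domain of a tunnel. All addresses and domain names are constructed sample values, and the loop assumes the routes are numbered consecutively from 1.

```shell
# Constructed sample settings in openvpn.txt style (not from a real setup).
OPENVPN_1_REMOTE_VPN_IP='192.168.200.2'
OPENVPN_1_DOMAIN='corp.example'
OPENVPN_1_DNSIP=''
OPENVPN_1_ROUTE_1='10.1.0.0/16'
OPENVPN_1_ROUTE_1_DOMAIN='lab.example'
OPENVPN_1_ROUTE_1_DNSIP='10.1.0.53'
OPENVPN_1_ROUTE_2='10.2.0.0/16'
OPENVPN_1_ROUTE_2_DOMAIN='office.example'
OPENVPN_1_ROUTE_2_DNSIP=''

# getvar NAME: print the value of the variable called NAME (empty if unset).
getvar() {
    case "$1" in
        *[!A-Za-z0-9_]*) return 1 ;;   # only plain variable names reach eval
    esac
    eval "printf '%s' \"\${$1:-}\""
}

# dns_for_tunnel X: print one "domain dns-server" line per domain of tunnel X.
dns_for_tunnel() {
    x=$1
    remote=$(getvar "OPENVPN_${x}_REMOTE_VPN_IP")
    tunnel_dns=$(getvar "OPENVPN_${x}_DNSIP")
    : "${tunnel_dns:=$remote}"         # empty DNSIP: other end of the tunnel

    domain=$(getvar "OPENVPN_${x}_DOMAIN")
    if [ -n "$domain" ]; then
        echo "$domain $tunnel_dns"
    fi

    y=1
    while [ -n "$(getvar "OPENVPN_${x}_ROUTE_${y}")" ]; do
        domain=$(getvar "OPENVPN_${x}_ROUTE_${y}_DOMAIN")
        route_dns=$(getvar "OPENVPN_${x}_ROUTE_${y}_DNSIP")
        if [ -n "$domain" ]; then
            # A per-route DNSIP wins; otherwise fall back to the tunnel-wide one.
            echo "$domain ${route_dns:-$tunnel_dns}"
        fi
        y=$((y + 1))
    done
}

dns_for_tunnel 1
```

Every domain that ends up on the OPENVPN_x_REMOTE_VPN_IP address relies on the remote router accepting DNS queries from the tunnel (OPENVPN_x_INPUT_y='tmpl:dns ACCEPT').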
4.14.5. Expert Settings
Settings described in this chapter are all optional and should only be changed if the OpenVPN
connection is working but should be optimized (for example by the use of another encryption
algorithm).
All settings in OPENVPN_DEFAULT_ are optional. This means they don’t have to be written in
the config file. If an entry is missing in openvpn.txt, the OpenVPN start script will use the
default value described here. If you don’t want to change these defaults, do not write them to
the openvpn.txt config file!
General Settings
OPENVPN_DEFAULT_CIPHER Default: OPENVPN_DEFAULT_CIPHER='BF-CBC'
One of the available encryption methods. Method 'BF-CBC' is used as a default by all
OpenVPN versions (including non-fli4l-specific versions).
OPENVPN_DEFAULT_COMPRESS Default: OPENVPN_DEFAULT_COMPRESS='yes'
OpenVPN uses adaptive LZO data compression to increase the bandwidth of a connection.
Adaptive means OpenVPN recognizes by itself when, e.g., already compressed zip files are
sent over an OpenVPN connection. In such a case data compression will be switched off
until data is sent that will benefit from data compression. There is almost no reason to
deactivate data compression because it increases bandwidth at nearly no cost. The only
disadvantage of data compression is a small increase of latency by some milliseconds.
For online games via VPN which need a "good" ping, i.e. low latency, it may be wise to
deactivate data compression.
OPENVPN_DEFAULT_CREATE_SECRET Default: OPENVPN_DEFAULT_CREATE_SECRET='no'