[mythtv-users] Open VPN server on backend

Fri Nov 20 03:26:28 UTC 2015

On Thu, 19 Nov 2015 15:34:11 -0500, you wrote:

>My combined frontend/backend has 2gb of RAM. After too many times of
>needing a file from the home network, I'm thinking of running an openvpn
>server. Anyone running one on their MythTV box? Is it pretty light load
>wise?

I run my OpenVPN server on my backend/frontend Mythbuntu 14.04 box.
The current motherboard has 8 Gibytes of RAM, but it also used to work
fine for many years on my old motherboard with 2 Gibytes.  I am
running OpenVPN in bridged mode, so I can access Windows/SMB shares on
my network - access to the broadcast packets is needed for that to
work.  The main overhead of running OpenVPN is not RAM use, but CPU
use when connected and exchanging packets, to do the encryption and
decryption.  I have not used it since I got my 200/200 Mbit/s fibre
recently, but I suspect that it will use a *lot* of CPU if it in fact
manages to do the encryption at full 200/200 speed.  More likely, it
will not be able to run that fast, even though I have quad core 3.6
GHz processor on that box.  But since I am unlikely to have a 200/200
connection at the other end when I am away on holiday this summer, I
do not think I will have any problems.

I can recommend OpenVPN for doing what you want.  It is a complete
pain to set up, but works well once you have it working, and in
bridged mode, it is just like the remote end is directly connected to
the home network, except for the extra delay for packets to get there
and back.  So you can just have Mythfrontend installed on your laptop
and have it talk to the backend at home to control things, such as
scheduling new recordings.  It is unlikely to be able to play
recordings directly though - that takes a lot of bandwidth.  I often
use VNC over OpenVPN to access the boxes on my network and that works
well as long as the connection has enough bandwidth.  I really like
the strong encryption that OpenVPN uses, and that I have full access
to my network, instead of just what SSH can provide.

The networking setup required for OpenVPN in bridged mode is
complicated.  Network Manager can not handle it, so I removed Network
Manager and set it up manually, and it took ages to get it all going
properly with both IPv4 and IPv6.  There is also a bug in the network
startup that my config triggers, where the startup code does not see
that the network interfaces have come up and keeps on waiting for
them.  I had to add a workaround for that where it starts the network
without waiting for all the interfaces to be up, otherwise booting
takes a very long time before it gives up waiting.

OpenVPN is off topic for this mailing list, so please email me
directly if you want help setting it up.  I can let you have copies of
my working config if you want them.