So apparently OpenVPN is a douche of an application by destroying/recreating any tun devices you ask it to bind to. This causes havoc with pf/altq if you queue on those tun interfaces.
I've asked on the openvpn-users mailing list if there's any way to have OpenVPN avoid teardown of an existing tun(4) interface but nobody had any useful answers (besides "use the up/down scripts")... yeah, thanks. Has anyone here used OpenVPN in server mode and overcome this? Thanks, -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
