Hello :)

I think that I found a bug (using 2.1-rc1 for both client and server) which 
shows up when the following conditions are met:

- server uses topology "subnet"
- client has its own configuration file inside --ccd-dir

My server configuration:

server.conf:
--- snip ---
topology subnet
server    10.16.0.0 255.255.0.0
--- snip ---

client configuration inside ccd-dir:
--- snip ---
#
ifconfig-push 10.16.0.13 10.16.0.1
#
--- snip ---

When the client (linux openvpn 2.1-rc1) authenticates, 
it gets the following pushed options:

PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 
255.255.0.0,route-gateway 10.16.0.1,topology subnet,ping 2,ping-restart 
4,ifconfig 10.16.0.13 10.16.0.1'


... and therefore performs the following commands:

/bin/ip link set dev tun0 up mtu 1500
/bin/ip addr add dev tun0 10.16.0.13/4 broadcast 255.255.255.255
/bin/ip route add 192.168.0.0/16 via 10.16.0.1
RTNETLINK answers: Network is unreachable


Which is wrong... of course.
If I manually perform the following commands on the client, everything works okay:

/bin/ip addr flush dev tun0
/bin/ip addr add dev tun0 10.16.0.13/16
/bin/ip route add 192.168.0.0/16 via 10.16.0.1 dev tun0

Well, it seems that openvpn client doesn't know which netmask should apply to 
pushed tun device address. Changing client configuration file to

--- snip ---
#
ifconfig-push 10.16.0.13 10.16.0.1-255.255.0.0
#
--- snip ---

doesn't help, because the netmask parameter is completely ignored (it is not 
pushed to the client).

However, everything works okay with topology p2p, when client runs the 
following command:

/bin/ip addr add dev tun0 local 10.16.0.13 peer 10.16.0.1

... reason why I want to use topology subnet? I want to assign only one IP per 
client and I also want to support Windows and Unix clients at the same time.


Best regards, Brane

-- 
Brane F. Gračnar
System administrator for the UNIX environment
Interseek d.o.o., Stegne 31, SI-1000 Ljubljana
e-mail > b...@interseek.si
www.interseek.si, www.najdi.si
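
Added example, not part of the original post or of OpenVPN: a small lint for ccd files. It relies on the OpenVPN manual's description of the second ifconfig-push argument as a netmask when topology subnet is in use; counting the set bits of 10.16.0.1 gives 4, which matches the /4 in the ip addr command above. The function names and sample strings are constructed for illustration.

```python
import ipaddress

def mask_prefix(mask):
    """Prefix length of a contiguous dotted-quad netmask, else None."""
    m = int(ipaddress.IPv4Address(mask))
    hostbits = m ^ 0xFFFFFFFF
    # A real netmask has host bits of the form 2**k - 1 (all ones at the low end).
    return bin(m).count("1") if hostbits & (hostbits + 1) == 0 else None

def lint_ccd(text, topology):
    """Return (line number, message) for ifconfig-push lines that do not
    carry a netmask as second argument under topology subnet."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        words = line.split("#", 1)[0].split()   # drop comments
        if topology != "subnet" or len(words) != 3 or words[0] != "ifconfig-push":
            continue
        second = words[2]
        try:
            prefix = mask_prefix(second)
        except ipaddress.AddressValueError:
            findings.append((lineno, "%s is not a dotted-quad netmask" % second))
            continue
        if prefix is None:
            ones = bin(int(ipaddress.IPv4Address(second))).count("1")
            findings.append(
                (lineno, "%s is not a netmask (%d bits set)" % (second, ones)))
    return findings

# Constructed samples: the ccd file quoted in the post, and a variant that
# passes a netmask as the second argument.
POST_CCD = "#\nifconfig-push 10.16.0.13 10.16.0.1\n#\n"
MASK_CCD = "#\nifconfig-push 10.16.0.13 255.255.0.0\n#\n"

if __name__ == "__main__":
    for name, ccd in (("post", POST_CCD), ("netmask", MASK_CCD)):
        print(name, lint_ccd(ccd, "subnet") or "ok")
```
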
