Hi, On 05/06/18 23:54, Selva Nair wrote: [cut] >> ACK on the feature, but NAK on "we can do this more nicely" reasons :-) >> >> First, I'd leave off the bits about "this can be useful" of the commit >> message - because that's not the point of this patch, you can *ignore* >> the settings already today. Maybe word this >> >> "This patch enables the client to run IPv6-only on the tun/tap interface, >> but will not make it ignore a pushed IPv4 config. To achieve that, one >> can use 'pull-filter ignore "ifconfig "' on the client or 'push-filter' on >> the server". >> >> (if we want to go into this here at all) > > > I don't think this belongs here and such advice could include other > details like what > to do with routes, redirect gateway etc. Better add it to the howto. >
Agreed to both comments. I'll trim the commit and make it more objective. > A more serious thing: > > - On windows we require that ifconfig is required with --dev tun. This > has to change. Could be tricky as TAP_WIN_IOCTL_CONFIG_TUN requires a > v4 address. Is 0.0.0.0 a valid address for this ioctl? Or does it need to be meaningful? I think this could be tested by applying only this patch and ignoring the pushed 'ifconfig ' directive (as explained in the commit). > > Minor stuff: > > - If no v4 address is set but still v4 routes are specified we should at least > print a warning as we do with ipv6. > Right. Will add the warning. > - redirect-gateway : we may want to force !ipv4 if ifconfig is missing > or should we mutate it to "ipv6 !ipv4" ? > This is more about changing the current default behaviour. Why is it !ipv6 by default in the first place? I'd rather keep default behaviours as they are now, to avoid messing up the user experience. However, I also understand that if there is no IPv4 and gateway-redirect is specified, then the user wants a default route for IPv6. Maybe we should keep the current behaviour as it is (!ipv6 by default) but print a warning when only ifconfig-ipv6 is provided? > May be there are more such nuances -- this patch will need some thoroug > testing before being ready for review. > >> >> Of course we'll also need to check if typical consumers of the management >> interface explode if you're not giving an IPv4 address to them... >> >> Selva, Jonathan, how will our GUI and Tunnelblick handle that? > > Windows GUI uses configured IPs only for logging and display so I > don't think it will complain, let alone explode. If any changes are > needed, likely to be minimal. We have to just keep the format of > reporting configured IPs unchanged even if some elements may be blank. > > Selva > Cheers, -- Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
