Hi Selva, thanks for testing this branch again!
See below: On 08/06/18 00:14, Selva Nair wrote: > Hi, > > On Thu, Jun 7, 2018 at 1:51 AM, Antonio Quartulli <a...@unstable.cc> wrote: >> >> Hi Selva, >> >> I have tried to account most of your comments, but something might still >> be off. Building openvpn for Windows might need some time here as I >> don't have the entire environment ready yet. >> >> Would you mind giving my latest branch a try and let me know how it goes >> with regards to your previous observations? > > > > Did some quick tests and this seems to work quite well (but see the > note at the bottom): > > - v4 routes via tun just fail with a warning which is good (our route > errors not being FATAL pays off here) > - v4 routes via net_gateway just works : no idea why we support this, > but good to see this patch doesn't break it > - redirect-gateway causes warnings as v4 routes fail: > If its not too hard could we check !tt->did_ifconfig_setup before > attempting v4 redirect? Saying this because "--redirect-gateway with > no options automatically implies ipv4" is just a hangover from the > past that we are stuck with. For other routes it may be harder to > detect whether its via the tun or not so just letting them error out > is fine. And those warnings provide useful feedback to the user. > Don't you think it's still meaningful to print the warning? somebody is asking for a redirect that does not make sense because there is no v4 configured and the config should be adjusted. No? > A minor thing: > > - The warning > "WARNING: OpenVPN was configured to add an IPv4 route. However, no > IPv4 has been configured for this interface, therefore the route > installation may fail or may not work as expected." > is printed without the M_WARN flag --- so syslog won't see it as a > warning nor does the GUI. M_INFO|M_WARN will make it print at verb > 0 > with the warning tag. If that sounds like a strange combination, > invent a warning level like D_GENERIC_WARNING = LOGLEV(1,0,M_WARN). We > don't have one. > you are the master of the log levels, therefore I'll just follow your suggestion, unless somebody else objects. > Note: All that said, I can't seem to connect to the server via ipv6 > when there is no v4 address. tracert fails before the first hop. > v6 does work when ifconfig is not filtered out. > > One difference from my earlier test using your previous > version with the minor change to allow tap initialize is that the tap > adapter now gets the link-local v4 address (169.254.x.y) as opposed to > staying at 0.0.0.0 earlier. But this may be just dependent on the order > in which I tried various combinations and may not matter. > This happens because I have factored out the set 0/0/0 in open_tun(). I have added a "if (tt->did_ifconfig_setup)" that prevents the entire setup if no ipv4 is present. I wanted to see if this could make any difference. Should be at tun.c:5721. Feel free to remove that if and see if it makes any difference again. > So, is the tap-driver mis-behaving when the v4 ip/net/mask is set as > 0/0/0 ? Will test this further when I get time later today. > > Thanks for working on this, Thank you! I am still struggling to get my cross builder going, therefore having somebody else doing sane windows tests is a big value for this work. Cheers, -- Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
