On 21/06/2020 13:14, Gert Doering wrote: > Hi, > > going through OpenVPN threads that went stale - I think this is > actually a nice addition (read: other people have already asked > me if this can be done). > > On Thu, Mar 05, 2020 at 01:53:12PM +0100, Jan Just Keijser wrote: >> So, for what it's worth, I've dusted off the patch again and rebased it >> to the current openvpn master tree. See attached. Note that I did only >> rudimentary testing, as I don't use Windows 10 a lot and I was testing >> using a mingw cross-compile only. In wireshark I *do* see that the >> correct DHCP offer is sent to the tap-win adapter. >> >> Also note that I implemented multiple search domains by separating them >> using semi-colons, e.g. >> >> --dhcp-option SEARCH example.com;example.org;example.nl;example.de >> >> etc as that was easier to implement > > The patch looks okay-ish on quick reading.
Feature-ACK from my side as well. But there are a few things we need to look more into. [...snip...] > More interesting is the question "which option to use" - it should > be synchronized between openvpn platform handlers. So if systemd-networkd > uses "SEARCH-DOMAIN" it would make sense to use that for windows > as well. Nit-pick, systemd-resolved is the target service in this case though. But it is related to systemd-networkd. But I agree, we should synchronize this a bit. IIRC, there might already be somewhat partial support for this in OpenVPN Connect clients as well, which might also be used in Access Server. I would also expect the OpenVPN Cloud service to facilitate such a feature. I have recently been working on systemd-resolved support in OpenVPN 3 Linux as well, and reached out earlier this week to Jonathan (update-systemd-resolved maintainer) to see if we can join forces better and standardize on a common understanding of the DHCP options. I would also like to at least consider pulling update-systemd-resolved (or a similar approach) into our OpenVPN distribution, as an alternative to the rather hacky pull-resolv-conf scripts we're shipping. I quickly spoke with Arne late on Friday about it as well, and we might also want to consider some IV flags from client to server as well, to flag support for features like split-dns (which at least systemd-resolved can provide). > Does anyone know about commercial VPN providers basing their clients > on OpenVPN? I will clarify with our folks internally how this will influence OpenVPN Cloud. I can't imagine many other commercial VPNs depending on such a feature, this is more typically a business feature than a consumer VPN feature. There might be a few ones implementing or needing such a feature, but if they don't appear here and raise there concerns here, I don't think we should spend time on them. -- kind regards, David Sommerseth OpenVPN Inc
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
