Hi, On Wed, Nov 19, 2025 at 09:19:35AM -0500, Jon Chiappetta via Openvpn-devel wrote: > This is something I noticed recently with potential connection > interruptions which could occur which the original older code checked for! > > https://github.com/OpenVPN/openvpn/pull/910
Yeah, but, no.
Since our code is single-threaded, there is no time frame between
"unlearn" and "relearn" where a packet could come in and be dropped, due
to "address not known".
So yes, on a PUSH_UPDATE with "the same ifconfig again", we do more work
than we would have to do, but it has no adverse effects - and if you are
worried about that, then do not send PUSH_UPDATE with unchanged configs
(given that the client would do a full tun restart on receiving PUSH_UPDATE,
this has way more impact than on the server).
> There was an update pushed earlier this year which undid some important
> logic in terms of learning/unlearning the ifconfig IP address. The older
> original code would check that the new/old IPs don't match first before
> performing that logic. I believe this was important and correct because it
> could cause connection interruptions during the learn/unlearn process if
> the IP address has stayed the same!
The older code did not do proper unlearning at all, so was obviously not
correct.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
