On 03/01/2010 08:12:03 AM, Stefan Monnier wrote:
> >> If someone could give at least some vaguely plausible scenario,
> >> that'd help.
> > Maybe there's more than one tunnel and there's some stupid
> > load balancing going on using a hosts file? (Along with
> > deleting all non-vpn routes.)
>
>
>> If someone could give at least some vaguely plausible scenario,
>> that'd help.
> Maybe there's more than one tunnel and there's some stupid
> load balancing going on using a hosts file? (Along with
> deleting all non-vpn routes.)
[ Setting aside the fact that using OpenVPN's broken handling o
On 02/28/2010 02:04:01 PM, Stefan Monnier wrote:
>
> I'm at a loss when it comes to try and imagine someone who's used to
> the
> current behavior and bothered by the new behavior. Really. How can
> the
> current behavior ever be preferable? Why would someone ever prefer
> that
> a route would
> I was doing some considerations back and forth here before starting this
> second round. The issue is that it changes the behaviour quite a lot
> from what might be expected from earlier versions (if you're used to the
> former behaviour).
I'm at a loss when it comes to try and imagine someone
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 27/02/10 00:27, Stefan Monnier wrote:
>> - From the following review discussion, a few other things needs to be
>> changed and I hope you are willing to look into adopting your patch to
>> those guidelines. This is also to follow the standards [1]
> - From the following review discussion, a few other things needs to be
> changed and I hope you are willing to look into adopting your patch to
> those guidelines. This is also to follow the standards [1] we try to
> introduce as well.
Sure, I'd like to get this in the main OpenVPN code, so I'l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
(resent - to get it into the mailing list)
Hi Stefan!
I believe you've noticed we've included a patch which aims to remove the
randomisation I found when reviewing your patch.
- From the following review discussion, a few other things needs to be
ch
David Sommerseth wrote:
> Unfortunately, it's running on a lot of different embedded systems.
> OpenWRT and dd-wrt are just two of many firmwares which ships it. I
> would not be surprised if somebody have made VoIP hardware phones which
> includes OpenVPN. And these phones could in theory even
Hi,
On Fri, Feb 19, 2010 at 05:18:29PM +0100, David Sommerseth wrote:
> I initially meant a more dynamic approach, changing it via the config
> file at runtime - by modifying a global C variable. But I agree, doing
> it via the ./configure script should really be sufficient.
ACK.
gert
--
USE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 19/02/10 17:05, Karl O. Pinc wrote:
> On 02/19/2010 03:02:40 AM, David Sommerseth wrote:
>> On 19/02/10 04:18, Stefan Monnier wrote:
>
>>>
>>> If it's a config var, it could indeed just be a global var, so I
>> don't
>>> think it would be very comp
On 02/19/2010 03:02:40 AM, David Sommerseth wrote:
> On 19/02/10 04:18, Stefan Monnier wrote:
> >
> > If it's a config var, it could indeed just be a global var, so I
> don't
> > think it would be very complex. But that's really not something
> the
> > user should have to configure.
>
> That de
On 02/19/2010 06:25:10 AM, Siim Põder wrote:
> Hi
>
> Karl O. Pinc wrote:
> > So, unless you're pulling names out of /etc/hosts it's likely
> > that randomization does nothing. And if the bind administrator
> > has gone to the extra work to enable a fixed ordering of
> > RR records then randomiza
Hi
Karl O. Pinc wrote:
> So, unless you're pulling names out of /etc/hosts it's likely
> that randomization does nothing. And if the bind administrator
> has gone to the extra work to enable a fixed ordering of
> RR records then randomization destroys his work.
That's entirely dependent on the D
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 19/02/10 04:18, Stefan Monnier wrote:
>> You are right in regards to dynamic memory allocation. You're using
>> static array allocation, defined by MAX_IPS_PER_HOSTNAME. This value is
>> set to 100. Where did you take this number from? IMHO, tha
> You are right in regards to dynamic memory allocation. You're using
> static array allocation, defined by MAX_IPS_PER_HOSTNAME. This value is
> set to 100. Where did you take this number from? IMHO, that sounds to
> be fairly high.
Actually, I don't use static allocation but stack allocation
On 02/18/2010 12:26:37 PM, Karl O. Pinc wrote:
> (I seem to recall that bind attempts to rotate the ordering
> of the names, but I can't find any reference to this at a glance
> and could be wrong.)
Ah, here it is. Bind9 has a rrset-order directive. Results can
be fixed, random, or cyclic but
On 02/18/2010 08:12:17 AM, David Sommerseth wrote:
> On 18/02/10 13:53, Gert Doering wrote:
> >> * usage of get_random in getaddr() [socket.c:261]
> >>
> >> I admit I should have spotted this one on the first review.
> Because
> >> this code snippet below looks really odd to me.
> >>
> >> if (n
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 18/02/10 13:53, Gert Doering wrote:
> Hi,
>
> On Thu, Feb 18, 2010 at 12:54:08PM +0100, David Sommerseth wrote:
>> The average user might have hits between 1 and 5 IP addresses
>> (guestimate) on such a hostname lookups. There are a few things I a
Hi,
On Thu, Feb 18, 2010 at 12:54:08PM +0100, David Sommerseth wrote:
> The average user might have hits between 1 and 5 IP addresses
> (guestimate) on such a hostname lookups. There are a few things I am
> concerned about in this regards. Even though on my platform in_addr_t
> only needs 4 byte
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 17/02/10 20:27, Stefan Monnier wrote:
>> Thanks a lot for you patch! In general, it very looks good. Can you
>> elaborate a little bit on how you have tested this patch?
>
> I've been using it on my client machines for the last few months.
> This
> Thanks a lot for you patch! In general, it very looks good. Can you
> elaborate a little bit on how you have tested this patch?
I've been using it on my client machines for the last few months.
This is not a very extensive test, obviously: they're all configured
identically and so they all loo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 17/02/10 06:17, Stefan Monnier wrote:
> [ I've sent this in the past already, but just trying to make sure it
> doesn't get lost somewhere. ]
>
> When specifiying an FQDN for the network part of a route, OpenVPN should
> setup a route for each IP
[ I've sent this in the past already, but just trying to make sure it
doesn't get lost somewhere. ]
When specifiying an FQDN for the network part of a route, OpenVPN should
setup a route for each IP associated with that FQDN. Currently, it just
chooses one of the IPs at random instead, which le
23 matches
Mail list logo
