|
|
On Tue, 1 Feb 2005, Andrew Alston wrote: > Bit of a strange question. Every 24 hours with my ISP here they > drop/reset the ADSL PPPoE connections and assign new ips etc (its to > stop people running servers etc). Now, OpenVPN restarts fine and > everything keeps working when the ADSL reattaches, except here's the > problem: > > On starting openvpn I may it add specific routes to the ADSL gateway > using the net_gateway parameter, when the adsl gets restarted while > openvpn reestablishes itself to the VPN server fine, these routes don't > get readded to the new net_gateway, is there any way I can make it read > these routes on reestablishment so I can fix this problem, as its > proving to be rather difficult to manage at the moment. The net_gateway variable is scoped at the level of TUN/TAP initialization/shutdown. That means that it's refreshed when the TUN/TAP is opened or reopened. It makes sense to do it this way because route additions/deletions are also scoped at the same level, i.e. adding routes is considered to be part of the TUN/TAP open process and deleting them is part of the TUN/TAP shutdown process. If you do a SIGUSR1 restart with --persist-tun, net_gateway will not be refreshed (most of OpenVPN's internally triggered restarts are SIGUSR1s). If you do a full restart (i.e. SIGHUP or SIGUSR1 without --persist-tun) then everything should work correctly. The downside of this is that without --persist-tun, you will not be able to restart with reduced privileges (if you use --user/--group). You could still use reduced privileges if you kill openvpn and restart it from an external process whenever the IP changes. Some other ideas: Check out --up-restart in the man page. This will cause your --up/--down scripts to be run even on a conditional restart (i.e. one where the TUN/TAP interface is not brought down such as when --persist-tun is used). Conceivably, you could then use such a script to add/remote routes. To work correctly though, OpenVPN would need to be patched to refresh net_gateway on a conditional restart. James ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-02/msg00002.html on line 222 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-02/msg00002.html on line 222 |