[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

Re: [Openvpn-users] multiple --remote parameter didn't work as expected (by me)

Subject: Re: [Openvpn-users] multiple --remote parameter didn't work as expected (by me)
From: Claas Hilbrecht <claas+maillinglists.openvpn@xxxxxxxxxxxxxxxxx>
Date: Fri, 08 Apr 2005 09:45:51 +0200

--Am Mittwoch, 6. April 2005 14:42 -0600 James Yonan <jim@xxxxxxxxx> schrieb:

This is exactly what I would expect.  Without --float, the OpenVPN client
will only accept packets from the current server in the remote list.

That's way I say "by me" :). What happens if you have a --remote list on both sides each trying to reach the other endpoint?

Probably in your test, you are starting and stopping the client, and when
you start the client again, it may connect to a different server than the
last connection, but the old server is still sending ping packets (on the
same port # if --nobind isn't used on the client), so these packets will
be dropped with the above message.


That's what I've tried.

If you added --float, the packets would still be dropped, but without
warning.

Using --float "disables" the inbuilt paketfilter that is active with multiple --remote addresses. But okay, that should be no real problem.

That's an interesting thought -- the concern is that this might cause a

[...]

same as a very low keepalive timeout.

I meant that this should happen only while trying to establish a connection. Once a connection is initiated the "normal" behaviour should work.

Randomness is strange by definition, especially with small sample sizes :)

I know, but I just want to let you know. And it seems that at least on the openvpn side is all done in a sane manner. I will look at openssl as soon as I get openssl 0.9.7f cut down again.

And one feature request. It would be nice if the managment console could

[...]

with the same configuration via ISDN to make some maintaince.
Can you submit a patch for this?


I can try it. Do you have any suggestions what name the command should get?

--
Claas Hilbrecht
http://www.jucs-kramkiste.de


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-04/msg00122.html on line 212

Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-04/msg00122.html on line 212