[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] iproute2 option


  • Subject: Re: [Openvpn-users] iproute2 option
  • From: "James Yonan" <jim@xxxxxxxxx>
  • Date: Mon, 24 Jan 2005 21:29:24 -0000

Whit Blauvelt <whit@xxxxxxxxxxxxx> said:

> >From the Change Log:
> 
> 2004.01.20 -- Version 1.6-beta2
> 
> * Added ./configure --enable-iproute2 flag which
>   uses iproute2 instead of route + ifconfig
> 
> Since I'm using complex rules and routes and IP assignments that depend on
> iproute2, should I be compiling with this switch? Has it been fully
> implemented and tested?  If so, what is the standard behavior in terms of
> commands automatically passed to "ip ro"? I'm a bit concerned that without
> having better documentation on what will be done - either with its iproute2
> behavior or its default route + ifconfig behavior - I'm going to
> inadvertently clobber my rules and routes setup. I see there are hooks to
> handle this stuff with external scripts, too, but the goal is to make the
> configuration just complex enough, not more than needed.

The best way to see the difference is to grep the source for
CONFIG_FEATURE_IPROUTE.

For example, it affects the generation of route commands:

********************

#ifdef CONFIG_FEATURE_IPROUTE
  buf_printf (&buf, IPROUTE_PATH " route add %s/%d via %s",
              network,
              count_netmask_bits(netmask),
              gateway);
  if (r->metric_defined)
    buf_printf (&buf, " metric %d", r->metric);

#else
  buf_printf (&buf, ROUTE_PATH " add -net %s netmask %s gw %s",
              network,
              netmask,
              gateway);
  if (r->metric_defined)
    buf_printf (&buf, " metric %d", r->metric);
#endif  /*CONFIG_FEATURE_IPROUTE*/

*************************

as well as the generation of ifconfig commands:

*************************

#ifdef CONFIG_FEATURE_IPROUTE
	/*
	 * Set the MTU for the device
	 */
	openvpn_snprintf (command_line, sizeof (command_line),
			  IPROUTE_PATH " link set dev %s up mtu %d",
			  actual,
			  tun_mtu
			  );
	  msg (M_INFO, "%s", command_line);
	  system_check (command_line, es, S_FATAL, "Linux ip link set failed");

	if (tun) {

		/*
		 * Set the address for the device
		 */
		openvpn_snprintf (command_line, sizeof (command_line),
				  IPROUTE_PATH " addr add dev %s local %s peer %s",
				  actual,
				  ifconfig_local,
				  ifconfig_remote_netmask
				  );
		  msg (M_INFO, "%s", command_line);
		  system_check (command_line, es, S_FATAL, "Linux ip addr add failed");
	} else {
		openvpn_snprintf (command_line, sizeof (command_line),
				  IPROUTE_PATH " addr add dev %s %s/%d broadcast %s",
				  actual,
				  ifconfig_local,
				  count_netmask_bits(ifconfig_remote_netmask),
				  ifconfig_broadcast
				  );
		  msg (M_INFO, "%s", command_line);
		  system_check (command_line, es, S_FATAL, "Linux ip addr add failed");
	}
	tt->did_ifconfig = true;
#else
      if (tun)
	openvpn_snprintf (command_line, sizeof (command_line),
			  IFCONFIG_PATH " %s %s pointopoint %s mtu %d",
			  actual,
			  ifconfig_local,
			  ifconfig_remote_netmask,
			  tun_mtu
			  );
      else
	openvpn_snprintf (command_line, sizeof (command_line),
			  IFCONFIG_PATH " %s %s netmask %s mtu %d broadcast %s",
			  actual,
			  ifconfig_local,
			  ifconfig_remote_netmask,
			  tun_mtu,
			  ifconfig_broadcast
			  );
      msg (M_INFO, "%s", command_line);
      system_check (command_line, es, S_FATAL, "Linux ifconfig failed");
      tt->did_ifconfig = true;

#endif /*CONFIG_FEATURE_IPROUTE*/

*******************

James


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users