We are successfully running OpenVPN 2.0 and have been for over a year. It is working absolutely perfectly - totally reliable. Well done and thanks to everyone involved in its development.
Now I have searched and searched for information on the following, and it may be absolutely trivial so doesn't need clarifying, but I have been unable to find any answer to the following...
We are approaching the limit of clients which can be assigned ip addresses in the range of 10.8.0.1 - 10.8.0.255 (/30 for Windows clients). I am wondering what happens when we need another ip address for a client after all possible IP addresses in the above range have been assigned. Does the OpenVPN server just start using 10.8.1.x ? Something else? Will my happy little VPN all fall apart?
As I say, I have been unable to find any information specifically related to this 'issue'. I have seen numerous example conf files with settings such as "max-clients 150", "max-clients 500", "max-clients 1000", "max-clients 10000" etc and several discussions of the bandwidth requirements being a possible problem, but no mention of what actually happens with the ip addresses and behaviour of the system. I have also seen that by default a 2.0 server can support 60 odd thousand clients (!? - I can't remember [or find] exactly which setting this was). Is it really as simple as specifying "max-clients n" where n can be in the hundreds or thousands so long as the server and bandwidth can handle it?
I would like to know what happens once the initial ip address range has been assigned to clients. Also what is the behaviour as max-clients increases? Are there any issues with client-to-client when they are on different ip address ranges? Does the server simply route from 10.8.0.12 to 10.8.1.16 (for example)?
Our key settings from the server.conf file follow:
server 10.8.0.0 255.255.0.0
;ifconfig-pool-linear (damn Windows clients!)
Our clients only ping the server periodically and occasionally receive a bit of individual traffic so bandwidth is not an issue at all for us.
Thanks in advance for any help, comments, suggestions.