Opened 10 years ago
Closed 4 years ago
#291 closed Feature Wish (fixed)
Overriding a pushed "route" in the client's config throws an error
Reported by: | Simon Deziel | Owned by: | Samuli Seppänen |
---|---|---|---|
Priority: | trivial | Milestone: | release 2.3.7 |
Component: | Configuration | Version: | OpenVPN 2.2.2 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
When connecting to server that pushes routes using this:
server.conf:
... # Pushed routes push "route 10.1.0.0 255.255.255.0"
and when the client overrides them in its config:
client.conf:
... # Options client route-nopull route 10.1.0.0 255.255.255.128 route-metric 50 ...
This works but the client's log have this:
Options error: option 'route' cannot be used in this context
This is explained by Jan Just Keijser:
the warning message is printed because the vpn server is pushing two routes, which the
client is now ignoring; so the message is a bit confusing, as it really means "I am now
ignoring route X"
Correcting the message would avoid confusing users.
Mailing list thread: http://comments.gmane.org/gmane.network.openvpn.user/33614
Change History (12)
comment:1 Changed 10 years ago by
Component: | Generic / unclassified → Configuration |
---|---|
Priority: | major → trivial |
comment:2 Changed 9 years ago by
comment:3 Changed 9 years ago by
Milestone: | → release 2.3.5 |
---|
Won't go into 2.3.4, but maybe the error message can be improved for 2.3.5 or git master.
comment:5 Changed 8 years ago by
Milestone: | release 2.3.5 → release 2.3.7 |
---|
comment:6 Changed 8 years ago by
Resolution: | → worksforme |
---|---|
Status: | new → closed |
Actually closing the ticket now :-) - it is in the FAQ, and changing the error message to print a different message depending on the context (route-nopull or "just not a valid command") is not straight-forward, and IMHO not worth the gain.
comment:7 Changed 4 years ago by
I still get this message after applying the suggested changes in the FAQ to the client configuration.
comment:8 Changed 4 years ago by
Resolution: | worksforme |
---|---|
Status: | closed → reopened |
Actually the FAQ item is just wrong in claiming "this will make the error message go away".
If you use --route-nopull
on the client, and the server is pushing a route to you, you will get this error message, because this is what --route-nopull
does.
Order in client configs has no relevance (unless you have <connection> blocks).
@samuli: can you correct the FAQ item, please, and mention that this can be solved nowadays by configuring
pull-filter ignore "route "
instead of using --route-nopull
? pull-filter is a 2.4 addition, though.
If anyone still uses 2.3.x, they should better upgrade :-)
comment:9 Changed 4 years ago by
Owner: | set to Samuli Seppänen |
---|---|
Status: | reopened → assigned |
comment:10 Changed 4 years ago by
@cron: so what part of the old FAQ item should we keep? Just replace the solution with "use pull-filter"?
comment:11 Changed 4 years ago by
Yes, just changing the "solution" part should be good. The explanation above is still correct.
thanks
comment:12 Changed 4 years ago by
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
FAQ item updated. Closing this as fixed.
The issue is not due to the local "route", but due to "route-nopull" taking away the permission to install pushed "route", effectively telling the option parser "no, this option is not valid here".
The option parser (option.c) is a mass of pure magic, with a bit of madness woven into it, so I'm not sure how much effort it would be to do this in a nice way, without adding lots of extra code.
Maybe just add to FAQ?