Opened 9 years ago
Closed 4 years ago
#583 closed Bug / Defect (fixed-external)
Up and down scripts need to be informed of tun-ipv6 setting
Reported by: | zackw | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | Generic / unclassified | Version: | OpenVPN 2.3.8 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: | Gert Döring |
Description
If the client config file doesn't have 'tun-ipv6
' in it, but the server sends IPv6 addressing options anyway, the automatic network configuration will ignore them:
Wed Jul 29 16:22:46 2015 PUSH: Received control message: 'PUSH_REPLY,topology subnet,route-gateway REDACTED,dhcp-option DNS REDACTED,ping 10,ping-restart 90,redirect-gateway def1,ifconfig-ipv6 2001:REDACTED::2/64 2001:REDACTED::1,route-ipv6 2000::/3 2001:REDACTED::1,explicit-exit-notify 2,ifconfig REDACTED 255.255.255.0' Wed Jul 29 16:22:46 2015 OPTIONS IMPORT: timers and/or timeouts modified Wed Jul 29 16:22:46 2015 OPTIONS IMPORT: explicit notify parm(s) modified Wed Jul 29 16:22:46 2015 OPTIONS IMPORT: --ifconfig/up options modified Wed Jul 29 16:22:46 2015 OPTIONS IMPORT: route options modified Wed Jul 29 16:22:46 2015 OPTIONS IMPORT: route-related options modified Wed Jul 29 16:22:46 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Wed Jul 29 16:22:46 2015 ROUTE_GATEWAY REDACTED/255.255.255.0 IFACE=eth1 HWADDR=REDACTED Wed Jul 29 16:22:46 2015 ROUTE6: default_gateway=UNDEF Wed Jul 29 16:22:46 2015 TUN/TAP device tun0 opened Wed Jul 29 16:22:46 2015 TUN/TAP TX queue length set to 100 Wed Jul 29 16:22:46 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=1 Wed Jul 29 16:22:46 2015 /sbin/ip link set dev tun0 up mtu 1500 Wed Jul 29 16:22:46 2015 /sbin/ip addr add dev tun0 REDACTED/24 broadcast REDACTED Wed Jul 29 16:22:46 2015 /sbin/ip route add REDACTED/32 via REDACTED Wed Jul 29 16:22:46 2015 /sbin/ip route add 0.0.0.0/1 via REDACTED Wed Jul 29 16:22:46 2015 /sbin/ip route add 128.0.0.0/1 via REDACTED Wed Jul 29 16:22:46 2015 add_route_ipv6(): not adding 2000::/3, no IPv6 on if tun0 Wed Jul 29 16:22:46 2015 Initialization Sequence Completed
This is the Right Thing -- in my case, anyway, the server is advertising IPv6 but it doesn't actually work, and the proxy service's customer support is all 'yeah, when it works we'll set the config file to say so'. However, for unrelated reasons I have to use an --up
script and --ifconfig-noexec
, and the environment passed to the script includes all the IPv6 addressing information but does not report whether tun-ipv6
has been set: either way I get something like
X509_...=REDACTED common_name=server config=REDACTED daemon=0 daemon_log_redirect=0 daemon_pid=29128 daemon_start_time=1438202090 dev=tun0 dev_type=tun foreign_option_1=dhcp-option DNS REDACTED ifconfig_broadcast=REDACTED ifconfig_ipv6_local=REDACTED::2 ifconfig_ipv6_netbits=64 ifconfig_ipv6_remote=REDACTED::1 ifconfig_local=REDACTED ifconfig_netmask=255.255.255.0 link_mtu=1541 local_port_1=0 proto_1=udp remote_1=REDACTED remote_port_1=53 route_ipv6_gateway_1=REDACTED::1 route_ipv6_network_1=2000::/3 route_net_gateway=10.0.0.1 route_vpn_gateway=10.200.4.1 script_context=init script_type=up tls_...=REDACTED trusted_ip=REDACTED trusted_port=53 tun_mtu=1500 untrusted_ip=REDACTED untrusted_port=53 verb=3
Please add an environment variable that indicates whether {{{tun-ipv6}} is set.
Change History (4)
comment:1 Changed 9 years ago by
comment:2 Changed 5 years ago by
I'm guessing a lot has change regarding ipv6 since 2016(ish)
Can this be closed ?
comment:3 Changed 4 years ago by
Cc: | Gert Döring added |
---|
comment:4 Changed 4 years ago by
Resolution: | → fixed-external |
---|---|
Status: | new → closed |
This can be closed, as tun-ipv6
is a no-op these days. There is nothing it will do.
IPv6 will be configured when there is IPv6 config in the client config or pushed from the server, and the tun/tap interface will always be in "multiprotocol" mode.
This was changed in 2016...
commit 86e2fa5597fd1ad8e0102f134c63d6bc8cb7c291
Author: Arne Schwabe <arne@…>
Date: Thu Oct 13 18:54:16 2016 +0200
Remove tun-ipv6 Option. Instead assume that IPv6 is always supported.
and went into 2.4.0
We've discussed this ticket at the OpenVPN Hackathon and would like to use a different solution:
if the client does not have "tun-ipv6" set then none of the *_ipv6_* env vars will be set.
Please let us know if this solution also solves your problem :)