Feature #5835
openImprove OpenVPN client gateway detection in edge cases where the remote does not send gateway information
0%
Description
There are a few edge cases where OpenVPN does not set the "route_vpn_gateway" or "ifconfig_remote" environment variables so the "up" script cannot determine the gateway.
Currently the script falls back to using the local IP address in this case, which works OK for some things like policy routing when the interface is assigned, but it causes the wrong IP address to be monitored.
The problem scenario requires BOTH of the following to be true:- tap mode OR tun+topology subnet is used
- Server does not push ANY routes
In that case, the only possible way for the client to determine the gateway is by subnet calculation, assuming the gateway is the first IP address in the block. Our code currently falls back to using the client adapter address in this case when the other two variables are unset.
Fixing it would require the ability to do subnet math or similar calculation from a shell script, or perhaps pulling the config off the interface using ifconfig or another similar function.
Since it appears to work fine from a user perspective aside from picking the right monitor IP address, it's pretty minor as far as I can tell so far.