Bug #7062
OpenVPN 2.4 treats "udp" and "tcp" as dual stack now, move old preference to udp4/tcp4
100%
Description
OpenVPN 2.4 changed the meaning of "udp" and "tcp" to be dual stack, listening on IPv6 on all interfaces at once. "local" can still nudge the behavior but to preserve the user's choice, it's safest to move the user preference to udp4/tcp4 which reflect the previous behavior.
Also it's a good time to introduce "multihome" for those who want to run dual stack which will make OpenVPN reply from the address it received the packet on.
To me, I have a patch
Associated revisions
Update OpenVPN protocol preferences to match the new behavior of OpenVPN 2.4. Fixes #7062
Fix #7074: Fix automatic port number guessing
Rework openvpn_port_used() to take care of following conflicts after
ticket #7062 was committed:
- "UDP" is dual stack and conflicts with "UDP4" and "UDP6"
- "TCP" is dual stack and conflicts with "TCP4" and "TCP6"
- "UDP4" and "UDP6" do not conflict unless interface is set to "any"
- "TCP4" and "TCP6" do not conflict unless interface is set to "any"
History
#1
Updated by Jim Pingle 6 months ago
- Status changed from Assigned to Feedback
- % Done changed from 0 to 100
Applied in changeset ca3666766588538934bedc6933934fbadb9249ef.
#2
Updated by Jim Pingle 6 months ago
- Status changed from Feedback to Assigned
This apparently still needs one more change. The IPv6 only modes need:
bind ipv6only
#3
Updated by Jim Pingle 6 months ago
- Status changed from Assigned to Resolved
OpenVPN's man page and docs say it should work but it tosses an error on the bind directive.
It appears to do the correct thing anyhow without it, only binding to what was chosen since it's declared explicitly.