Hi,
On Sat, Jul 16, 2016 at 10:13:01PM +0300, streampp wrote:
> Hello Gert, thanks for quick answer.
>
> > On Sat, Jul 16, 2016 at 08:45:03PM +0300, streampp wrote:
> > > I'm connecting to my remote OpenVPN server via IPv4. On
> > > openvpn-server.conf I have something like:
> > >
> > > push "route 10.0.0.0 255.0.0.0 net_gateway"
> > > push "route 172.16.0.0 255.240.0.0 net_gateway"
> > > push "route 192.168.0.0 255.255.0.0 net_gateway"
> > >
> > > with works perfect and my IPv4 gateway replaces "net_gateway" parameter,
> > > so with IPv4 everything is fine.
> >
> > "why"?
>
> Didn't understand the question. :(
Why are you doing this?
Just because OpenVPN *can* do this for IPv4 doesn't mean it's a sensible
thing to do - and in all my use cases I've never needed to do this, so
it's not implemented for IPv6.
[..]
> Ok, here we go.
> Private network is just an example. Real case is: I have two openvpn's. One
> for work and one my personal. My personal OpenVPN to hosters VPS always ON,
> so all my internet traffic i encrypted.
> But when I enable OpenVPN from my work, it becomes OpenVPN over OpenVPN (work
> vpn over my personal one). I just want to avoid OpenVPN over OpenVPN :)
OK, that makes more sense - in both OpenVPN configs, you want to ensure
that the *other* VPN server is routed via net_gateway(6). Indeed,
convincing :-)
Unfortunately, not totally easy to do. While git master openvpn actually
knows how to find the current default gateway (more precisely: the gateway
used to reach the current VPN server's address, which might not be the
default gateway if there is a more specific route in place) the whole
IPv6 routing logic doesn't deal with symbolic names yet. Lots of pieces
to extend (and test)...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
