Attention is currently required from: flichtenheld, plaisthos.
Hello plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/421?usp=email
to look at the new patch set (#2).
The following approvals got outdated and were removed:
Code-Review-1 by plaisthos
Change subject: Change default of "topology" to "subnet"
......................................................................
Change default of "topology" to "subnet"
Change-Id: Iede3e7c028cbb715e28bc88c7e583f84dadc02c8
Signed-off-by: Frank Lichtenheld <[email protected]>
---
M Changes.rst
M doc/man-sections/vpn-network-options.rst
M src/openvpn/options.c
3 files changed, 19 insertions(+), 11 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/21/421/2
diff --git a/Changes.rst b/Changes.rst
index 3676dce..3132c84 100644
--- a/Changes.rst
+++ b/Changes.rst
@@ -10,6 +10,15 @@
``--allow-deprecated-insecure-static-crypto`` but will be removed in
OpenVPN 2.8.
+Default for ``--topology`` changed to ``subnet``
+ Previous releases used ``net30`` as default. This only affects
+ configs with ``--dev tun`` and only IPv4. Note that this
+ changes the semantics of ``--ifconfig``, so if you have manual
+ settings for that in your config but not set ``--topology``
+ your config might fail to parse with the new version. Just adding
+ ``--topology net30`` to the config should fix the problem.
+ By default ``--topology`` is pushed from server to client.
+
Overview of changes in 2.6
==========================
diff --git a/doc/man-sections/vpn-network-options.rst
b/doc/man-sections/vpn-network-options.rst
index 3fa3ccf..251529f 100644
--- a/doc/man-sections/vpn-network-options.rst
+++ b/doc/man-sections/vpn-network-options.rst
@@ -495,11 +495,17 @@
``mode`` can be one of:
+ :code:`subnet`
+ Use a subnet rather than a point-to-point topology by
+ configuring the tun interface with a local IP address and subnet mask,
+ similar to the topology used in ``--dev tap`` and ethernet bridging
+ mode. This mode allocates a single IP address per connecting client and
+ works on Windows as well. This is the default.
+
:code:`net30`
Use a point-to-point topology, by allocating one /30 subnet
per client. This is designed to allow point-to-point semantics when some
- or all of the connecting clients might be Windows systems. This is the
- default.
+ or all of the connecting clients might be Windows systems.
:code:`p2p`
Use a point-to-point topology where the remote endpoint of
@@ -508,15 +514,8 @@
connecting client. Only use when none of the connecting clients are
Windows systems.
- :code:`subnet`
- Use a subnet rather than a point-to-point topology by
- configuring the tun interface with a local IP address and subnet mask,
- similar to the topology used in ``--dev tap`` and ethernet bridging
- mode. This mode allocates a single IP address per connecting client and
- works on Windows as well.
-
*Note:* Using ``--topology subnet`` changes the interpretation of the
- arguments of ``--ifconfig`` to mean "address netmask", no longer "local
+ arguments of ``--ifconfig`` to mean "address netmask", and not "local
remote".
--tun-mtu args
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index d238269..764ca7b 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -800,7 +800,7 @@
o->gc_owned = true;
}
o->mode = MODE_POINT_TO_POINT;
- o->topology = TOP_NET30;
+ o->topology = TOP_SUBNET;
o->ce.proto = PROTO_UDP;
o->ce.af = AF_UNSPEC;
o->ce.bind_ipv6_only = false;
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/421?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Iede3e7c028cbb715e28bc88c7e583f84dadc02c8
Gerrit-Change-Number: 421
Gerrit-PatchSet: 2
Gerrit-Owner: flichtenheld <[email protected]>
Gerrit-Reviewer: plaisthos <[email protected]>
Gerrit-CC: openvpn-devel <[email protected]>
Gerrit-Attention: plaisthos <[email protected]>
Gerrit-Attention: flichtenheld <[email protected]>
Gerrit-MessageType: newpatchset
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
