[OpenWrt-Devel] OpenVPN-Devel default packages break IPv6

Mon, 10 Sep 2012 13:36:17 -0700 

Hi,

I just installed Attitude Adjustment plus precompiled openvpn-devel-openssl
package, and was somewhat surprised to see IPv6 fail (and subsequently, 
the whole OpenVPN connection).

The reason is this:

Sep 10 19:51:47 OpenWrt daemon.notice openvpn(sheeva)[1408]: /sbin/ifconfig 
tun0 10.30.22.18 pointopoint 10.30.22.17 mtu 1500
Sep 10 19:51:47 OpenWrt daemon.notice openvpn(sheeva)[1408]: /sbin/ifconfig 
tun0 inet6 add 2001:608:4:ee0::1:3/64
Sep 10 19:51:47 OpenWrt daemon.err openvpn(sheeva)[1408]: Linux ifconfig inet6 
failed: external program exited with error status: 1
Sep 10 19:51:47 OpenWrt daemon.notice openvpn(sheeva)[1408]: Exiting due to 
fatal error

busybox' ifconfig program does not understand the "normal Linux ifconfig"
syntax to configure an IPv6 address on the tun0 interface.

Last time I tested IPv6 with openvpn on openwrt, the openvpn-devel
package unconditionally built with --enable-iproute2, which handles
IPv6 just fine.

Nowadays, we have:

  DEPENDS:=+kmod-tun +OPENVPN_DEVEL_$(1)_ENABLE_LZO:liblzo +OPENVPN_DEVEL_$(1)_E
NABLE_IPROUTE2:ip $(3)
...
                $(if $(CONFIG_OPENVPN_DEVEL_$(BUILD_VARIANT)_ENABLE_IPROUTE2),--
enable,--disable)-iproute2 \


so --enable-iproute2 depends on CONFIG_OPENVPN_DEVEL_(openssl)_ENABLE_IPROUTE2,
which defaults to "off", which breaks IPv6 in the packages shipped by 
default.

I'd very much like to see this fixed, obviously :-) - and while I see
some space benefit in not depending on the "ip" package, I wonder whether
this could be changed to "have *ENABLE_IPROUTE2 default to 'on'", so the
pre-built packages *work*, and if someone is really space constrained,
he can turn it off...?

That is, apply the following patch... 

Index: net/openvpn-devel/Config-openssl.in
===================================================================
--- net/openvpn-devel/Config-openssl.in (Revision 32420)
+++ net/openvpn-devel/Config-openssl.in (Arbeitskopie)
@@ -63,6 +63,6 @@
 
 config OPENVPN_DEVEL_openssl_ENABLE_IPROUTE2
        bool "Enable support for iproute2"
-       default n
+       default y
 
 endmenu



thanks,

gert


-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             [email protected]
fax: +49-89-35655025                        [email protected]

Attachment: pgp8KQrRufM4x.pgp
Description: PGP signature

_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Reply via email to