Re: [Openvpn-devel] Topics for today's (Monday, 26th Oct 2015) community meeting

2015-10-26 Thread Gmail
Yes. Maybe an option that defaults the ping to the tunnel gateway with a switch to choose some other IP? Sent from my iPhone > On Oct 26, 2015, at 8:20 AM, Morris, Russell wrote: > > Agreed! This is what I have done locally also - enter a machine on the server > side,

Re: [Openvpn-devel] Topics for today's (Monday, 26th Oct 2015) community meeting

2015-10-26 Thread Selva Nair
On Mon, Oct 26, 2015 at 11:17 AM, Gmail wrote: > Regarding the instability of connection in the windows version: I > overcame this long ago (and works well to this date) by building a tiny > script that periodically pings the the ovpn gateway (server). If no ping > reply

Re: [Openvpn-devel] Topics for today's (Monday, 26th Oct 2015) community meeting

2015-10-26 Thread Morris, Russell
Agreed! This is what I have done locally also - enter a machine on the server side, and ping it at some interval. FYI, this doesn't have to be only the server itself. I use a different machine, to make sure my routes get set up properly also. Thanks, ... Russell -Original Message-

Re: [Openvpn-devel] Topics for today's (Monday, 26th Oct 2015) community meeting

2015-10-26 Thread Gmail
Regarding the instability of connection in the windows version: I overcame this long ago (and works well to this date) by building a tiny script that periodically pings the the ovpn gateway (server). If no ping reply then restart the service. Very simple. Perhaps this could be built into the

Re: [Openvpn-devel] Creating a Windows team for OpenVPN?

2015-10-26 Thread Pasi Kärkkäinen
On Mon, Oct 26, 2015 at 01:42:13PM -, debbie...@gmail.com wrote: > Hi > - Original Message - From: "Pasi Kärkkäinen" > To: "Samuli Seppänen" > Cc: > Sent: Monday, October 26, 2015 11:12 AM > Subject: Re:

Re: [Openvpn-devel] Creating a Windows team for OpenVPN?

2015-10-26 Thread debbie10t
Hi - Original Message - From: "Pasi Kärkkäinen" To: "Samuli Seppänen" Cc: Sent: Monday, October 26, 2015 11:12 AM Subject: Re: [Openvpn-devel] Creating a Windows team for OpenVPN? - Windows OpenVPN-GUI needs to

Re: [Openvpn-devel] [RFC] --passtos default on/off, and IPv6.

2015-10-26 Thread Arne Schwabe
> > I'm actually *more* interested in the potential for incompatibilities > > if we start setting the TOS bits — as we saw with stupid firewalls > > dropping packets when ECN was in use. That sounds like a much more > > reasonable argument for not doing --passtos by default, although even > >

Re: [Openvpn-devel] Creating a Windows team for OpenVPN?

2015-10-26 Thread Pasi Kärkkäinen
On Fri, Oct 16, 2015 at 07:00:13PM +0300, Samuli Seppänen wrote: > Hi, > > In Delft we talked about issues with Windows version of OpenVPN quite a > lot. Of the top of my hat I can recall the following isuses: > > - The tap-windows/tap-windows6 drivers have fairly bad performance > - In Windows

[Openvpn-devel] Topics for today's (Monday, 26th Oct 2015) community meeting

2015-10-26 Thread Samuli Seppänen
Hi, We're going to have an IRC meeting today starting at 20:00 CET (19:00 UTC) on #openvpn-devel irc.freenode.net. Current topic list along with basic information is here: If you have any other things you'd like to bring up,

Re: [Openvpn-devel] [RFC] --passtos default on/off, and IPv6.

2015-10-26 Thread Steffan Karger
On 26 Oct 2015 00:44, "David Woodhouse" wrote: > > On Mon, 2015-10-26 at 00:15 +0100, Steffan Karger wrote: > > On Mon, Oct 26, 2015 at 12:09 AM, Steffan Karger wrote: > > > For > > > covert channels, it means 23 possible values per 1500-byte packet, or >

Re: [Openvpn-devel] [RFC] --passtos default on/off, and IPv6.

2015-10-26 Thread David Woodhouse
On Mon, 2015-10-26 at 00:15 +0100, Steffan Karger wrote: > On Mon, Oct 26, 2015 at 12:09 AM, Steffan Karger wrote: > > For > > covert channels, it means 23 possible values per 1500-byte packet, or > > ~5 bits for BF, and 12 possible values (~4 bits) for AES-CBC. That is > >

Re: [Openvpn-devel] [RFC] --passtos default on/off, and IPv6.

2015-10-26 Thread Steffan Karger
On Mon, Oct 26, 2015 at 12:09 AM, Steffan Karger wrote: > For > covert channels, it means 23 possible values per 1500-byte packet, or > ~5 bits for BF, and 12 possible values (~4 bits) for AES-CBC. That is > still less than the 8 bits QoS/ToS. Grmbl, at the moment I hit send I

Re: [Openvpn-devel] [RFC] --passtos default on/off, and IPv6.

2015-10-26 Thread Steffan Karger
Hi, On Fri, Oct 23, 2015 at 12:49 PM, David Woodhouse wrote: > I prefer to remain consistent with OpenVPN and other tools where > possible, so we've renamed the option to '--passtos' and my first > reaction was to disable it by default, like OpenVPN does. > > Looking at it