Thanks, Martin... But, no, I upgraded to openvpn 1.6 (compiled by E. Titl, with lzo statically linked, thx). Jaques Nilo's is 1.4.... Is it possible 1.6 supports ifconfig (that command no longer fails) but has a problem with iproute?
The first command you suggest for my script would use the link mtu instead of the tunnel mtu, would it not? Openvpn uses ip commands that would do that (see log listing in my previous post)... But, one thing I have fouled up is the order of the args -- forgot they started at $0. Shouldn't it be: /sbin/ip link set dev $0 up mtu $1 /sbin/ip addr add dev $0 local $4 peer $5 /sbin/ip route add 192.168.1.3/32 via $4 Now my boot floppy has become corrupted... aaarrgghhh... fortunately saved a copy and can generate a new one. Rick -----Original Message----- From: Martin Hejl [mailto:[EMAIL PROTECTED] Sent: Sunday, December 05, 2004 1:27 PM To: Tibbs, Richard Subject: Re: [leaf-user] New openvpn problem (formerly up-script) Hi Richard, Tibbs, Richard wrote: > > Dear list. > I tried the following command line > /sbin/ip link set mtu 1500 dev tun0 > > Problem is, there is no device tun0 even though daemon.log says > Dec 4 21:55:38 firewall openvpn[9273]: MTU DYNAMIC mtu=1450, flags=2, > 1576 -> 1450 > Dec 4 21:55:38 firewall openvpn[9273]: TUN/TAP device tun0 opened > Dec 4 21:55:38 firewall openvpn[9273]: ip link set dev tun0 up mtu 1500 > Dec 4 21:55:39 firewall openvpn[9273]: ip addr add dev tun0 local > 10.1.1.1 peer 10.1.1.2 > Dec 4 21:55:39 firewall openvpn[9273]: /etc/openvpn/openvpn.up tun0 > 1500 1576 10.1.1.1 10.1.1.2 init > Dec 4 21:55:39 firewall openvpn[9273]: script failed: shell command > exited with error status: 1 > > Logged in as root, I tried typing > ip link set dev tun0 up mtu 1500 > and I get the message > SIOCSIFMTU: Operation not supported by device. > ( this happens no matter what mtu I type) > > The only command that does not give me some nastygram from IP is > ip link set tun0 Ok, I'm going to assume you're still using Jaques' OpenVPN package, the one that doesn't support iproute2 directly, and hence you're trying to do what OpenVPN normally does automatically (bringing up the interface, setting routes and so on) via the up-script Try putting the following in your up-script (that's what I inferred from the source of OpenVPN 1.6 - so, those would be the commands generated, if you were using OpenVPN 1.6). /sbin/ip link set dev $0 up mtu $2 /sbin/ip addr add dev $1 local $4 peer $5 /sbin/ip route add 192.168.1.3/32 via $4 After those have been executed, you should have a tun interface with an assigned IP and a route pointing to the remote machine (I'm actually not sure if "192.168.1.3/32" is correct - I _think_ that's how a host-route was specified, but since I always connected two subnets with openvpn, I never had to do that). I hope that helps Martin ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
