Hi, On Wed, Jun 06, 2018 at 12:22:31AM +0800, Antonio Quartulli wrote: > Why is it !ipv6 by default in the first place? > > I'd rather keep default behaviours as they are now, to avoid messing up > the user experience. > > However, I also understand that if there is no IPv4 and gateway-redirect > is specified, then the user wants a default route for IPv6. > > Maybe we should keep the current behaviour as it is (!ipv6 by default) > but print a warning when only ifconfig-ipv6 is provided?
I think for compatibility with existing configs, "redirect-gateway" with
no extra arguments (or just the old ones, "def1" etc.) should be "ipv4",
as it is today.
If there is no IPv4 address configured, redirect-gateway (ipv4) should
log a notice ("NOTICE: --redirect-gateway without the 'ipv6' flag will
handle IPv4 only. No IPv4 on tunnel, so not redirecting anything" or
something like that).
Eventually we might want to change it to do
--redirect-gateway "with no IPv* flags" = IPv4+IPv6
--redirect-gateway ipv4 (def1|local|...) = "only IPv4"
--redirect-gateway ipv6 = "only IPv6"
What we have today ("unless there is a !ipv4, it's always ipv4") is
historic due to "the ipv6 code was expected to change as little of the
existing behaviour as possible". We can be a bit more daring nowadays :)
We might also merge Arne's block-ipv6 patch some day :-) - and add
the corresponding block-ipv4 functionality.
> > [ Selva ]
> > May be there are more such nuances -- this patch will need some thoroug
> > testing before being ready for review.
Yes, definitely. There will be interesting surprises. I'm not sure we
can catch everything before review/merging, though... but I'll try my
best ;-)
> >> Of course we'll also need to check if typical consumers of the management
> >> interface explode if you're not giving an IPv4 address to them...
> >>
> >> Selva, Jonathan, how will our GUI and Tunnelblick handle that?
> >
> > Windows GUI uses configured IPs only for logging and display so I
> > don't think it will complain, let alone explode. If any changes are
> > needed, likely to be minimal. We have to just keep the format of
> > reporting configured IPs unchanged even if some elements may be blank.
When Antonio sends the v2, I'll do a windows build and see what happens.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
