Hi, On Wed, Sep 02, 2020 at 10:03:11AM +0200, Thomas Schäfer wrote: > Am 01.09.20 um 22:14 schrieb Gert Doering: > > On Tue, Sep 01, 2020 at 08:07:20PM +0200, Thomas Schäfer wrote: > >>> - IPv4-only VPN > >> Typo? > > > > We can do that! > > Is it new in 2.5?
The --block-ipv6 command is new.
> Asking again, just to understand the difference
>
> "IPv6-only operation"
> I can remove all IPv4-related config
Correct.
> and
>
> "IPv4-only VPN"
> means better protection to prevent IPv6-leaks in an intended IPv4-only
> operation mode
No, the point is "--block-ipv6", not "IPv4 only VPN". OpenVPN could
always do "IPv4 only VPN" :-)
The scenario here is:
- user has IPv4+IPv6 at home
- user uses a VPN service from a VPN provider that only does IPv4
("IPv4-only VPN")
- user accesses www.google.de -> packets go via IPv6, bypassing VPN
if you have that scenario, you can either get a better VPN provider, or
use --block-ipv6 with the IPv4-only VPN provider, to prevent leaking.
(And thanks for the test result)
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
