* TEST SUCCESS: Linux/iproute2: client-tun/net30+subnet, v4+v6
* options.c: tag as 20100922-1 so "allmerged" users can see IPv6 change
+
+Fri Sep 24 17:57:41 CEST 2010
+
+ * TEST SUCCESS: Linux/<both>: client-tap, v4+v6, ping6 on connected addr
+
+ * TEST FAIL: Linux/<both>: client-tap, v6, route6 (gateway missing)
+
+Do 21. Okt 19:36:49 CEST 2010
+
+ * t_client.sh.in: cherrypick commit f25fe91a40aa3f and 6f1e61b41be52
+ (proper exit codes to signal "SKIP" if we do not want to run)
+
+So 16. Jan 17:25:23 CET 2011
+
+ * tun.c, route.c: cherrypick 121755c2cb4891f and f0eac1a5979096c67
+ (TAP driver and "topology subnet" support for Solaris)
+
+ * tun.c: add IPv6 configuration for TAP interfaces (<device>:1 inet6)
+
+ * tun.c: on close_tun on Solaris, unplumb IPv6 TUN or TAP interfaces
+
+ * TEST SUCCESS: OpenSolaris: client-tun, v4+v6
+ TEST SUCCESS: OpenSolaris: client-tap, v4+v6, ping6 on connected addr
+ TEST FAIL: OpenSolaris: client-tap, v6, route6 (gateway missing)
+
+So 24. Apr 16:51:45 CEST 2011
+
+ * rebase to "beta2.2" branch (at 2.2RC2 tag)
+
+ * mroute.c: remove mroute_helper_lock/_unlock() calls for IPv6
+ * socket.c: remove locking with L_INET_NTOA mutex
+ (all the threading stuff got removed by David Sommerseth for 2.2)
+
+ * mroute.c: remove duplicate mroute_helper_add_iroute6() and
+ mroute_helper_del_iroute6() - "git rebase" artefact
+
+ * ChangeLog.IPv6 and TODO.IPv6: add to commit
+
+ * options.c: tag as 20110424-2 (2.2RC2)
+
+ * TEST SUCCESS: Linux/ifconfig: client-tun/net30+subnet, v4+v6
+
+ * TEST SUCCESS: Linux/iproute2: client-tun/net30+subnet, v4+v6
+
known issues for IPv6 payload support in OpenVPN
-----------------------------------------------
-1.) "--topology subnet" doesn't work together with IPv6 payload
+1.) "--topology subnet" doesn't work together with IPv6 payload on FreeBSD
(verified for FreeBSD server, Linux/ifconfig client, problems
with ICMP6 neighbor solicitations from BSD not being answered by Linux)
* semi-fixed for NetBSD, 28.2.10, always do tun0 destroy / tun0 create
before actual ifconfig -- tunnel still lingers after OpenVPN quits
+4b.) verify this - on FreeBSD, tun0 is auto-destroyed if created by
+ opening /dev/tun (and lingers if created by "ifconfig tun0 create")
+
+ -> use for persistant tunnels on not-linux?
+
5.) add new option "ifconfig-ipv6-push"
(per-client static IPv6 assignment, -> radiusplugin, etc)
8.) full IPv6 support for TAP interfaces
(main issue should be routes+gateway - and testing :-) )
+ test 2010/09/24: TAP itself works on linux/ifconfig+iproute2, but
+ route-via-tap doesn't work at all (route points to "tap0" which fails)
+
+17:51:14.075412 fe:ab:6e:c5:53:71 > 33:33:ff:00:00:01, ethertype IPv6 (0x86dd), length 86: 2001:608:4:a053::1:0 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2001:608:4:a001::1, length 32
+
+ how is iroute-via-tap supposed to work??
+
9.) verify that iroute-ipv6 and route-ipv6 interact in the same way as
documented for iroute/route:
- revert ifconfig/open_tun order to "normal" (separate commit!!!)
(openvpn-devel, Subject: OpenBSD)
- test
+
+17.) client-option (Elwood)
+ - ignore-v6-push-options yes/no
+ - ignore-v6-route-push ("as for IPv4 routes")
+
+18.) fail-save? "what if 'ip -6 addr add' fails" -> fail, or fallback to v4?
+ (-> recomment setting "ignore-v6-push-options yes")
+
+19.) safety check: if connecting over IPv6 (v6 transport) and the pushed
+ route-ipv6 network encompasses the server IPv6 address, make sure
+ we at least log a warning (until we can fiddle with external routing
+ to make this work correctly).
+
+20.) show "route add" / "route delete" commands for IPv6 in log file
+ (we show the "ifconfig" commands, so why not the routes?)
+
+ 2010-08-07: this is a null-feature - it's already there, but with
+ different debug level (M_INFO vs. D_ROUTE) so user
+ didn't notice
+
+21.) enable ipv6-only server operations
+ - decouple ipv6 pool handling from ipv4 pool
+ - make sure Rest of OpenVPN doesn't assume "there will always be IPv4"
+
+22.) implement --learn-address for IPv6
+
+23.) FreeBSD 8 seems to require explicit setting of the "ifconfig" IPv6
+ route, while FreeBSD 6+7 don't --> more testing, and code fix
+
+ workaround for the time being: just add
+
+ server-ipv6 2001:608:4:a051::/64
+ route-ipv6 2001:608:4:a051::/64
+
+ to the config
+
+ (problem + workaround applies both to tun and tap style devices)
if (ir6->netbits >= 0)
{
ASSERT (ir6->netbits < MR_HELPER_NET_LEN);
- mroute_helper_lock (mh);
++mh->cache_generation;
++mh->net_len_refcount[ir6->netbits];
if (mh->net_len_refcount[ir6->netbits] == 1)
mroute_helper_regenerate (mh);
- mroute_helper_unlock (mh);
}
}
if (ir6->netbits >= 0)
{
ASSERT (ir6->netbits < MR_HELPER_NET_LEN);
- mroute_helper_lock (mh);
++mh->cache_generation;
--mh->net_len_refcount[ir6->netbits];
ASSERT (mh->net_len_refcount[ir6->netbits] >= 0);
if (!mh->net_len_refcount[ir6->netbits])
mroute_helper_regenerate (mh);
- mroute_helper_unlock (mh);
- }
-}
-
-/* this is a bit inelegant, we really should have a helper to that
- * is only passed the netbits value, and not the whole struct iroute *
- * - thus one helper could do IPv4 and IPv6. For the sake of "not change
- * code unrelated to IPv4" this is left for later cleanup, for now.
- */
-void
-mroute_helper_add_iroute6 (struct mroute_helper *mh,
- const struct iroute_ipv6 *ir6)
-{
- if (ir6->netbits >= 0)
- {
- ASSERT (ir6->netbits < MR_HELPER_NET_LEN);
- mroute_helper_lock (mh);
- ++mh->cache_generation;
- ++mh->net_len_refcount[ir6->netbits];
- if (mh->net_len_refcount[ir6->netbits] == 1)
- mroute_helper_regenerate (mh);
- mroute_helper_unlock (mh);
- }
-}
-
-void
-mroute_helper_del_iroute6 (struct mroute_helper *mh,
- const struct iroute_ipv6 *ir6)
-{
- if (ir6->netbits >= 0)
- {
- ASSERT (ir6->netbits < MR_HELPER_NET_LEN);
- mroute_helper_lock (mh);
- ++mh->cache_generation;
- --mh->net_len_refcount[ir6->netbits];
- ASSERT (mh->net_len_refcount[ir6->netbits] >= 0);
- if (!mh->net_len_refcount[ir6->netbits])
- mroute_helper_regenerate (mh);
- mroute_helper_unlock (mh);
}
}
#ifdef ENABLE_EUREPHIA
" [eurephia]"
#endif
- " [IPv6 payload 20100922-1]"
+ " [IPv6 payload 20110424-2 (2.2RC2)]"
" built on " __DATE__
;
/*
* Convert an in6_addr in host byte order
* to an ascii representation of an IPv6 address
- * (we reuse the L_INET_NTOA mutex, no contention here)
*/
const char *
print_in6_addr (struct in6_addr a6, unsigned int flags, struct gc_arena *gc)
if ( memcmp(&a6, &in6addr_any, sizeof(a6)) != 0 ||
!(flags & IA_EMPTY_IF_UNDEF))
{
- mutex_lock_static (L_INET_NTOA);
inet_ntop (AF_INET6, &a6, tmp_out_buf, sizeof(tmp_out_buf)-1);
buf_printf (&out, "%s", tmp_out_buf );
- mutex_unlock_static (L_INET_NTOA);
}
return BSTR (&out);
}
projects / thirdparty / openvpn.git / commitdiff
