From: Gert Doering <gert@greenie.muc.de>
Date: Thu, 14 Jan 2010 14:52:06 +0000 (+0100)
Subject: 4a, 9, 10, 11, 12 added - and 11. done right away :-)
X-Git-Tag: v2.3-alpha1~239^2~28
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0b6f1912fc483734da504dfbc6a5a155008806bb;p=thirdparty%2Fopenvpn.git

4a, 9, 10, 11, 12 added - and 11. done right away :-)
(cherry picked from commit ea382a1d550ac100d27c8118777e3160c85d06d2)
---

diff --git a/TODO.IPv6 b/TODO.IPv6
index f91c6ed00..3ea69a569 100644
--- a/TODO.IPv6
+++ b/TODO.IPv6
@@ -22,6 +22,17 @@ known issues for IPv6 payload support in OpenVPN
     For Solaris, only the "ipv6 tun0" is affected, for the *BSDs all tun0
     stay around.
 
+4a.) deconfigure IPv6 on tun interface on session termination, otherwise
+    one could end up with something like this (on NetBSD):
+
+tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
+        inet 10.9.0.18 -> 10.9.0.17 netmask 0xffffffff
+        inet6 fe80::a00:20ff:fece:d299%tun0 ->  prefixlen 64 scopeid 0x3
+        inet6 2001:608:4:eff::2000:3 ->  prefixlen 64
+        inet6 2001:608:4:eff::1:3 ->  prefixlen 64
+
+    (pool was changed, previous address still active on tun0, breakage)
+
 5.) add new option "ifconfig-ipv6-push"
     (per-client static IPv6 assignment, -> radiusplugin, etc)
 
@@ -35,3 +46,26 @@ known issues for IPv6 payload support in OpenVPN
 
 8.) full IPv6 support for TAP interfaces 
     (main issue should be routes+gateway - and testing :-) )
+
+9.) verify that iroute-ipv6 and route-ipv6 interact in the same way as
+    documented for iroute/route:
+
+    A's subnet, OpenVPN must push this route to all clients
+    EXCEPT for A, since the subnet is already owned by A.
+    OpenVPN accomplishes this by not
+    not pushing a route to a client
+    if it matches one of the client's iroutes.
+
+10.) extend "ifconfig-ipv6" to handle specification of /netbits, pushing
+    of /netbits, and correctly ifconfig'ing this
+    (default, if not specified: /64)
+
+11.) do not add ipv6-routes if tun-ipv6 is not set - complain instead
+
+     * done * 12.1.10
+
+12.) handle incoming [::] and [fe80:...] packets in tun-p2mp MULTI mode
+     (most likely those are DAD packets)
+     silently ignore DAD?  
+        Or accept-and-forward iff (multicast && client2client)?
+     handle NS/NA