From: james Date: Wed, 12 Oct 2005 12:04:14 +0000 (+0000) Subject: svn merge -r 585:599 https://svn.openvpn.net/projects/openvpn/trunk X-Git-Tag: v2.1_rc1~151 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=20006b8e622ca4d4ca7dc6f316d9b2d948ca3687;p=thirdparty%2Fopenvpn.git svn merge -r 585:599 https://svn.openvpn.net/projects/openvpn/trunk 2.1_beta1 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@600 e7ae566f-a301-0410-adde-c780ea21d3b5 --- diff --git a/.svnignore b/.svnignore index 8805c21c0..31da1e90a 100644 --- a/.svnignore +++ b/.svnignore @@ -35,3 +35,6 @@ autom4te*.cache *.asc *.zip *.so +*.merge-left.* +*.merge-right.* +*.working diff --git a/openvpn.8 b/openvpn.8 index 2d40ca91f..987b04286 100644 --- a/openvpn.8 +++ b/openvpn.8 @@ -440,7 +440,7 @@ If unspecified, OpenVPN will bind to all interfaces. .\"********************************************************* .TP .B --remote host [port] -Remote host name or IP address. Multiple +Remote host name or IP address. On the client, multiple .B --remote options may be specified for redundancy, each referring to a different OpenVPN server. @@ -457,13 +457,26 @@ Note that at any given time, the OpenVPN client will at most be connected to one server. -Also, note that since UDP is connectionless, connection failure +Note that since UDP is connectionless, connection failure is defined by the .B --ping and .B --ping-restart options. +Note the following corner case: If you use multiple +.B --remote +options, AND you are dropping root privileges on +the client with +.B --user +and/or +.B --group, +AND the client is running a non-Windows OS, if the client needs +to switch to a different server, and that server pushes +back different TUN/TAP or route settings, the client may lack +the necessary privileges to close and reopen the TUN/TAP interface. +This could cause the client to exit with a fatal error. + If .B --remote is unspecified, OpenVPN will listen