|
|
On Fri, 4 Feb 2005, Nik wrote: > James Yonan wrote: > > >>>No, the behaviour makes sense -- if you use --persist-remote-ip you are > >>>telling OpenVPN to reuse its current remote IP on restart. > >> > >>Except in this case, there is no current remote ip, because the client > >>hasn't managed to connect yet. > > > > > > In this context, the current remote IP is the most recent address which > > was tried, not the last address which succeeded. > > > > James > > I'm probably missing something obvious here, but what situation does > this behaviour benefit? Effectively, --persist-remote-ip disables all > but the first --remote parameter. Is this the most useful behaviour? > > I guess what I'm asking is: is the current behaviour the intended > result, or more the side-effect of combining two otherwise unrelated > options? It's the latter. --persist-remote-ip was written a long time before OpenVPN had the capability to handle multiple --remote addresses or even support a client/server mode, so no one yet has really examined the question of how to sanely handle --persist-remote-ip + multiple --remote addresses. I think your idea makes sense: If --persist-remote-ip is used, then a ping-restart or other SIGUSR1-type conditional restart will retry the current IP and and only move on to the next IP in the list if the retry fails. James ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |