summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGert Doering <gert@greenie.muc.de>2015-09-11 17:33:46 +0200
committerGert Doering <gert@greenie.muc.de>2015-09-20 14:44:16 +0200
commitfa5697f022110f557710f709c9ac0a3420bb073c (patch)
tree32016158517a53abf2c1cff41bd4938fa62d0ea9
parent2ff366f78a2bf8d0a2744db9b59f7274b671a042 (diff)
downloadopenvpn-fa5697f022110f557710f709c9ac0a3420bb073c.zip
openvpn-fa5697f022110f557710f709c9ac0a3420bb073c.tar.gz
openvpn-fa5697f022110f557710f709c9ac0a3420bb073c.tar.xz
Fix IPv6 host routes to LAN gateway on OpenSolaris
The tun/tap routes need to be set with "metric 0", while this will prevent routes to LAN gateways from being installed. So, set metric 0 only if no other interface is requested... (Note: OpenSolaris can not specify host+interface gateways, so we just use the GW addresses - it seems to still work for fe80:: addresses, however it is done internally. NUD maybe?) Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Arne Schwabe <arne@rfc2549.org> Message-Id: <1441985627-14822-10-git-send-email-gert@greenie.muc.de> URL: http://article.gmane.org/gmane.network.openvpn.devel/10092
-rw-r--r--src/openvpn/route.c17
1 files changed, 12 insertions, 5 deletions
diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index 5f8a44d..c011f99 100644
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -1805,17 +1805,25 @@ add_route_ipv6 (struct route_ipv6 *r6, const struct tuntap *tt, unsigned int fla
/* example: route add -inet6 2001:db8::/32 somegateway 0 */
- /* for some weird reason, this does not work for me unless I set
+ /* for some reason, routes to tun/tap do not work for me unless I set
* "metric 0" - otherwise, the routes will be nicely installed, but
- * packets will just disappear somewhere. So we use "0" now...
+ * packets will just disappear somewhere. So we always use "0" now,
+ * unless the route points to "gateway on other interface"...
+ *
+ * (Note: OpenSolaris can not specify host%interface gateways, so we just
+ * use the GW addresses - it seems to still work for fe80:: addresses,
+ * however this is done internally. NUD maybe?)
*/
-
- argv_printf (&argv, "%s add -inet6 %s/%d %s 0",
+ argv_printf (&argv, "%s add -inet6 %s/%d %s",
ROUTE_PATH,
network,
r6->netbits,
gateway );
+ /* on tun/tap, not "elsewhere"? -> metric 0 */
+ if ( !r6->iface )
+ argv_printf_cat (&argv, "0");
+
argv_msg (D_ROUTE, &argv);
status = openvpn_execve_check (&argv, es, 0, "ERROR: Solaris route add -inet6 command failed");
@@ -2188,7 +2196,6 @@ delete_route_ipv6 (const struct route_ipv6 *r6, const struct tuntap *tt, unsigne
#elif defined (TARGET_SOLARIS)
/* example: route delete -inet6 2001:db8::/32 somegateway */
- /* GERT-TODO: this is untested, but should work */
argv_printf (&argv, "%s delete -inet6 %s/%d %s",
ROUTE_PATH,