diff options
author | Gert Doering <gert@greenie.muc.de> | 2015-09-11 17:33:46 +0200 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2015-09-20 14:44:16 +0200 |
commit | fa5697f022110f557710f709c9ac0a3420bb073c (patch) | |
tree | 32016158517a53abf2c1cff41bd4938fa62d0ea9 /src | |
parent | 2ff366f78a2bf8d0a2744db9b59f7274b671a042 (diff) | |
download | openvpn-fa5697f022110f557710f709c9ac0a3420bb073c.tar.gz openvpn-fa5697f022110f557710f709c9ac0a3420bb073c.tar.xz openvpn-fa5697f022110f557710f709c9ac0a3420bb073c.zip |
Fix IPv6 host routes to LAN gateway on OpenSolaris
The tun/tap routes need to be set with "metric 0", while this will
prevent routes to LAN gateways from being installed. So, set metric 0
only if no other interface is requested...
(Note: OpenSolaris can not specify host+interface gateways, so we just
use the GW addresses - it seems to still work for fe80:: addresses,
however it is done internally. NUD maybe?)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1441985627-14822-10-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10092
Diffstat (limited to 'src')
-rw-r--r-- | src/openvpn/route.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 5f8a44d..c011f99 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -1805,17 +1805,25 @@ add_route_ipv6 (struct route_ipv6 *r6, const struct tuntap *tt, unsigned int fla /* example: route add -inet6 2001:db8::/32 somegateway 0 */ - /* for some weird reason, this does not work for me unless I set + /* for some reason, routes to tun/tap do not work for me unless I set * "metric 0" - otherwise, the routes will be nicely installed, but - * packets will just disappear somewhere. So we use "0" now... + * packets will just disappear somewhere. So we always use "0" now, + * unless the route points to "gateway on other interface"... + * + * (Note: OpenSolaris can not specify host%interface gateways, so we just + * use the GW addresses - it seems to still work for fe80:: addresses, + * however this is done internally. NUD maybe?) */ - - argv_printf (&argv, "%s add -inet6 %s/%d %s 0", + argv_printf (&argv, "%s add -inet6 %s/%d %s", ROUTE_PATH, network, r6->netbits, gateway ); + /* on tun/tap, not "elsewhere"? -> metric 0 */ + if ( !r6->iface ) + argv_printf_cat (&argv, "0"); + argv_msg (D_ROUTE, &argv); status = openvpn_execve_check (&argv, es, 0, "ERROR: Solaris route add -inet6 command failed"); @@ -2188,7 +2196,6 @@ delete_route_ipv6 (const struct route_ipv6 *r6, const struct tuntap *tt, unsigne #elif defined (TARGET_SOLARIS) /* example: route delete -inet6 2001:db8::/32 somegateway */ - /* GERT-TODO: this is untested, but should work */ argv_printf (&argv, "%s delete -inet6 %s/%d %s", ROUTE_PATH, |