From 20006b8e622ca4d4ca7dc6f316d9b2d948ca3687 Mon Sep 17 00:00:00 2001 From: james Date: Wed, 12 Oct 2005 12:04:14 +0000 Subject: svn merge -r 585:599 https://svn.openvpn.net/projects/openvpn/trunk 2.1_beta1 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@600 e7ae566f-a301-0410-adde-c780ea21d3b5 --- openvpn.8 | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'openvpn.8') diff --git a/openvpn.8 b/openvpn.8 index 2d40ca9..987b042 100644 --- a/openvpn.8 +++ b/openvpn.8 @@ -440,7 +440,7 @@ If unspecified, OpenVPN will bind to all interfaces. .\"********************************************************* .TP .B --remote host [port] -Remote host name or IP address. Multiple +Remote host name or IP address. On the client, multiple .B --remote options may be specified for redundancy, each referring to a different OpenVPN server. @@ -457,13 +457,26 @@ Note that at any given time, the OpenVPN client will at most be connected to one server. -Also, note that since UDP is connectionless, connection failure +Note that since UDP is connectionless, connection failure is defined by the .B --ping and .B --ping-restart options. +Note the following corner case: If you use multiple +.B --remote +options, AND you are dropping root privileges on +the client with +.B --user +and/or +.B --group, +AND the client is running a non-Windows OS, if the client needs +to switch to a different server, and that server pushes +back different TUN/TAP or route settings, the client may lack +the necessary privileges to close and reopen the TUN/TAP interface. +This could cause the client to exit with a fatal error. + If .B --remote is unspecified, OpenVPN will listen -- cgit