Page 1 of 1

Static Client IP's and CCD queries

Posted: Mon Jul 22, 2019 8:00 am
by nickh
I am looking to try to set up some fixed IP's on my system and I understand I can use a ccd folder and files in it from such a purpose, but I am concerned about potential clashes with clients without fixed IP and I am hoping I can get some answers to some questions.

If you are using ifconfig-pool-persist (e.g ipp.txt) to track connections, it looks like the use of a ccd file overrules the ipp.txt. As an example, if Fred was connected with a dynamically allocated IP of (so in the ipp.txt file), if Joe had a ccd file with "ifconfig-push" in it and then connected, Joe will end up with the same IP as Fred. This is clearly bad news (Fred loses his connection and the server can't ping either client).

For this reason, it looks like it is only safe to allocate a fixed IP to a user once a user has an entry in the ipp.txt file. Unfortunately the file is only written to when OpenVPN terminates. Is there any way of forcing it to write to the file while it is running?

When a new user comes along who has never connected before, does OpenVPN scan both the ipp.txt (or its internal table if it has not flushed it to file) and the ccd files to determine the next available IP, or does it just use its ipp.txt/internal table to determine the next available IP?

If you use a ccd file, and connect, does the IP address ever get written to the ipp.txt file? In my testing I never saw that it did but I may have missed something.

Re: Static Client IP's and CCD queries

Posted: Sun Jul 28, 2019 1:12 pm
by nickh
Bump. Anyone, please?

Re: Static Client IP's and CCD queries

Posted: Sun Jul 28, 2019 2:06 pm
by TinCanTech
There is a some what convoluted example here: ... sspolicies

Re: Static Client IP's and CCD queries

Posted: Mon Jul 29, 2019 11:50 am
by nickh
Thanks for that. I think I'd bumped into it before but not realised the significance. It looks like the key thing is to keep static IP's and the OpenVPN "dynamic IP's" (i.e. those that end up in ipp.txt) on different subnets by adding extra routes to the clients.conf for the static IPs, e.g:

Code: Select all

Then allocate the static IP's from within this subnet.