Page 1 of 1
Add iroute from ccd as system route
Posted: Sat Aug 22, 2020 2:11 pm
by pkirsche
Hello Folks,
I'd like to see an option, that in case a client connects to the server and has a corresponding ccd file including an iroute, that openvpn automatically adds a route to the kernel routing (of a linux server host).
Just the same procedure as we have it already with the "route" parameter in the main configuration.
Maybe it is thinkable that we can use this "route" parameter also in ccd file?
Thanks for your feedback
Re: Add iroute from ccd as system route
Posted: Sat Aug 22, 2020 3:25 pm
by TinCanTech
What advantages would this have over the current method ?
Re: Add iroute from ccd as system route
Posted: Thu Aug 27, 2020 12:59 pm
by pkirsche
Hello,
first of all, thanks for your answer!
Thinking of a setup of multiple site-2-site networks connected to my server, with the "route" command used inside the ccds, I have only routings to client subnets which are really connected and reachable.
Using the route parameter inside the main configuration file, there is no flexibility regarding the connection state of the client. The kernel will always route the packet to the tun device even if the client is not connected.
This makes it complicated to realize some fallback mechanism or load balancing without using up/down scripts.
So primary this would make the configuration more easy, flexible and comfortable by not needing any up/down scripts for this scenario.
Re: Add iroute from ccd as system route
Posted: Thu Aug 27, 2020 1:51 pm
by TinCanTech
I believe this has been discussed before and the outcome was that it is not important enough for the developers to invest time into. These are the reasons:
- Time to write the code. Developer time is hard to come by as it is.
- Maintaining the code. Time again ..
- Not widely needed and can be done by simple scripts.
However, if you feel confident to submit code for review then I have no doubt it would be welcome.