Menu
▾
▴
Re: [Openvpn-users] 2.0 Feature Freeze Discussion
|
From: Claas H. <cla...@ju...> - 2004-12-10 10:14:24
|
--Am Donnerstag, 2. Dezember 2004 17:12 -0700 James Yonan <ji...@yo...> schrieb: >> As requested previously I would like to see a pause/continue command to >> allow a tunnel to set "on hold". What is very important is that even >> openvpn internal traffic should be set to hold. > > The problem is that if you pause a tunnel, the other side of the > connection will time out if it is using --ping-restart or --keepalive. > So when the tunnel is restarted, the other side of the connection may no > longer be there. > > It might be possible to do this using a "restart and hold" action, where > OpenVPN does a SIGUSR1-style shutdown, but then delays the restart until a > command is received from the management interface. Yes, that would be ok I think. Imagine the following situation where a user has configured his home network to wait for a connection from the outside. Now the person travels and he/she can connect to the home network via GPRS. Running OpenVPN all the time costs needless traffic. If the user can start the OpenVPN tunnel in a "hold" mode while booting his notebook he can simply switch on the connection to the home network with a simple command (please have in mind that not every openvpn user is a system administrator), e.g. a button on his desktop. Since the "home" endpoint wait for a connection that is perfectly ok. Setting the tunnel to "hold" again simply triggers the restart option at home and saves traffic costs at the other side. So we need a way to start an openvpn process in hold mode (with a keyword) and later we can change the state with the management console. -- Claas Hilbrecht http://www.jucs-kramkiste.de |