From: Josh C. <jos...@us...> - 2009-04-20 18:44:23
|
Timothy Murphy wrote: > William Maddler wrote: > > >> "ifconfig-pool-persist /etc/openvpn/ipp.txt: This makes OpenVPN keep a >> list of certificate to IP relationships, so that a client connecting >> will (probably) always have the same IP. " >> > > Here is my ipp.txt : > -------------------------------------- > mary,192.168.5.4 > www.gayleard.com,192.168.5.8 > -------------------------------------- > Here is the relevant line in ifconfig on mary: > -------------------------------------- > tun0 Link encap:UNSPEC HWaddr > 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 > inet addr:192.168.5.6 P-t-P:192.168.5.5 Mask:255.255.255.255 > -------------------------------------- > which seems to have nothing to do with the entry above. > Similarly ifconfig on my server gives 2 tun0 IP addresses > different to the one above. > > There is a 3rd machine - a remote client - > which has not had an entry made in ipp.txt . > > It doesn't really worry me - > but I just don't see how these entries in ipp.txt > can possibly help. > The address shown on mary's line in the ipp.txt file is showing you the starting IP of the virtual /30 subnet allocated to clients in "net30" mode with tun (the default for a server/client setup.) 192.168.5.4/30 provides 2 usable peer IP's, .5 and .6 shown from your ifconfig output. You might find a tool like sipcalc or ipcalc useful, which are command line tools to show you network information; you can find some online versions of these as well. Here's some sample output that makes your example easier to understand: sipcalc 192.168.5.4/30 | grep range Network range - 192.168.5.4 - 192.168.5.7 Usable range - 192.168.5.5 - 192.168.5.6 -- Josh |