Branch: refs/heads/master
Home: https://github.com/OpenVPN/openvpn
Commit: eeb866ac6ab3ee7df9148d18f05d909f05d7b77a
https://github.com/OpenVPN/openvpn/commit/eeb866ac6ab3ee7df9148d18f05d909f05d7b77a
Author: Gert Doering <ge...@gr...>
Date: 2025-11-26 (Wed, 26 Nov 2025)
Changed paths:
M Changes.rst
M doc/man-sections/server-options.rst
M src/openvpn/options.c
M src/openvpn/socket.c
M src/openvpn/socket.h
Log Message:
-----------
Change '--multihome' behaviour regarding egress interface selection.
Traditional OpenVPN ``--multihome`` behaviour is to send packets out the
same interface that they were received on (copy ipi_ifindex from ingress
to egress packet info). For some scenarios this makes sense, for other
scenarios it is breaking connectivity when there are no routes pointing
out the ingress interface (intentionally asymmetric traffic).
For 2.7.0, change the default(!) to always send out packets with
ipi_ifindex = 0, to follow normal system interface selection rules.
Add a flag ``--multihome same-interface`` to restore the pre-2.7 behavior
of copying ipi_ifindex from ingress to egress packets. There are use
cases for this, and we want to give users a chance to read the release
notes and adjust their setups to "not break after upgrading to 2.7.0".
Github: OpenVPN/openvpn#855
Github: OpenVPN/openvpn#554
v2: fix whitespace
v3: turn logic around - new default is "egress ifindex 0" now
v4: typo fixed in commit message
v5: fix invalid rst in Changes.rst
Change-Id: Id429241e1b17a8ff51d9019efc357c910f3bde4c
Signed-off-by: Gert Doering <ge...@gr...>
Acked-by: Frank Lichtenheld <fr...@li...>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1383
Message-Id: <202...@gr...>
URL: https://www.mail-archive.com/ope...@li.../msg34709.html
Signed-off-by: Gert Doering <ge...@gr...>
To unsubscribe from these emails, change your notification settings at https://github.com/OpenVPN/openvpn/settings/notifications
|
