mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 20:03:13 +02:00
190 lines
7.0 KiB
Plaintext
190 lines
7.0 KiB
Plaintext
|
Do 31. Dez 15:32:40 CET 2009 Gert Doering
|
||
|
|
||
|
* Basic IPv6 p2mp functionality implemented
|
||
|
|
||
|
* new options:
|
||
|
- server-ipv6
|
||
|
- ifconfig-ipv6
|
||
|
- ifconfig-ipv6-pool
|
||
|
- route-ipv6
|
||
|
- iroute-ipv6
|
||
|
|
||
|
* modules touched:
|
||
|
- init.c: init & setup IPv6 route list & add/delete IPv6 routes
|
||
|
- tun.c: add "ifconfig" and "route" handling for IPv6
|
||
|
- multi.c: IPv6 ifconfig-pool assignments
|
||
|
put to route-hash table
|
||
|
push to client
|
||
|
- pool.c: extend pools to handle IPv4+IPv6, and also return IPv6 address
|
||
|
IPv6 address saved to file if ifconfig-pool-persist is set
|
||
|
(but ignored on read due to the way pools work)
|
||
|
- mroute.c: handle reading src/dst addresses from IPv6 packets
|
||
|
(so multi.c can check against route-hash table)
|
||
|
handle printing of IPv6 mroute_addr structure
|
||
|
- helper.c: implement "server-ipv6" macro (->ifconfig-ipv6, pool, ...)
|
||
|
- options.c: implement all the new options
|
||
|
add helper functions for IPv6 address handling
|
||
|
- forward.c: tell do_route() about IPv6 routes
|
||
|
- route.c: handle IPv6 route lists + route option lists
|
||
|
extend add_routes() to do IPv4 + IPv6 route lists
|
||
|
extend delete_routes() to do IPv4 + IPv6 route lists
|
||
|
implement add_route_ipv6(), delete_route_ipv6() to call
|
||
|
system-dependend external program to do the work
|
||
|
- push.c: handle pushing of "ifconfig-ipv6" option
|
||
|
- socket.c: helper function to check & print IPv6 address strings
|
||
|
|
||
|
* known issues:
|
||
|
- operating system support on all but Linux (ifconfig, route)
|
||
|
- route-ipv6 gateway handling
|
||
|
- iroute-ipv6 not implemented
|
||
|
- TAP support: ifconfig, routing (route needs gateway!)
|
||
|
|
||
|
* release as patch 20091231-1
|
||
|
|
||
|
Thu Dec 31 17:02:08 CET 2009
|
||
|
|
||
|
* NetBSD port (NetBSD 3.1 on Sparc64)
|
||
|
|
||
|
* mroute.c, socket.c: make byte/word access to in6_addr more portable
|
||
|
|
||
|
* tun.c: fix IPv6 ifconfig arguments on NetBSD
|
||
|
|
||
|
still doesn't work on NetBSD 3.1, "ifconfig tun0 inet6..." errors with
|
||
|
|
||
|
ifconfig: SIOCAIFADDR: Address family not supported by protocol family
|
||
|
|
||
|
(sys/net/if_tun.c, needs to be revision 1.80 or later, NetBSD PR 32944,
|
||
|
included in NetBSD 4.0 and up)
|
||
|
|
||
|
|
||
|
Fri Jan 1 14:07:15 CET 2010
|
||
|
|
||
|
* FreeBSD port (FreeBSD 6.3-p12 on i386)
|
||
|
|
||
|
* tun.c: implement IPv6 ifconfig setting for FreeBSD
|
||
|
|
||
|
* route.c: fix %s/%s argument to IPv6 route add/delete command for *BSD
|
||
|
|
||
|
* TEST SUCCESS: FreeBSD 6.3-p12, server-ipv6, route-ipv6, ccd/iroute-ipv6
|
||
|
|
||
|
* multi.c: implement setting and deleting of iroute-ipv6
|
||
|
(multi_add_iroutes(), multi_del_iroutes())
|
||
|
* mroute.c: add mroute_helper_add_iroute6(), mroute_helper_del_iroute6()
|
||
|
* mroute.h: add prototypes, increase MR_HELPER_NET_LEN to 129 (/0.../128)
|
||
|
* multi.c: zeroize host part of IPv6 iroutes in multi_learn_in6_addr()
|
||
|
* mroute.c: implement mroute_addr_mask_host_bits() for IPv6
|
||
|
|
||
|
* TEST SUCCESS: Linux 2.6.30 (Gentoo)/iproute2, server-ipv6, ccd/iroute-ipv6
|
||
|
|
||
|
* TEST SUCCESS: Linux 2.6.30 (Gentoo)/ifconfig, client-ipv6
|
||
|
|
||
|
* TEST FAIL: NetBSD 5.0, IPv6 client
|
||
|
- "ifconfig tun0 .../64" does not create a "connected" route
|
||
|
- adding routes fails
|
||
|
|
||
|
--> more work to do here.
|
||
|
|
||
|
* release as patch 20100101-1
|
||
|
|
||
|
* TEST FAIL:
|
||
|
FreeBSD 6.3-p12 server "--topology subnet"
|
||
|
Linux/ifconfig client
|
||
|
- BSD sends ICMP6 neighbor solicitations, which are ignored by Linux
|
||
|
- server tun interface is not in p2p mode, client tun interface *is*
|
||
|
|
||
|
* TEST SUCCESS: non-ipv6 enabled client -> "--server-ipv6" server
|
||
|
(warnings in the log file, but no malfunctions)
|
||
|
|
||
|
|
||
|
Sat Jan 2 19:48:35 CET 2010
|
||
|
|
||
|
* tun.c: change "ipv6_support()", do not turn off tt->ipv6 unconditionally
|
||
|
if we don't know about OS IPv6 support - just log warning
|
||
|
|
||
|
* tun.c: implement "ifconfig inet6" setting for MacOS X / Darwin
|
||
|
|
||
|
* route.c: split *BSD system dependent part of add/delete_route_ipv6()
|
||
|
into FreeBSD/Dragonfly and NetBSD/Darwin/OpenBSD variants
|
||
|
("2001:db8::/64" vs. "2001:db8:: --prefixlen 64").
|
||
|
|
||
|
* tun.c: on MacOS X, NetBSD and OpenBSD, explicitely set on-link route
|
||
|
|
||
|
* TEST SUCCESS: MacOS X, client-ipv6 with route-ipv6
|
||
|
|
||
|
|
||
|
Sun Jan 3 10:55:31 CET 2010
|
||
|
|
||
|
* route.c: NetBSD fails with "-iface tun0", needs gateway address
|
||
|
(assume that the same syntax is needed for OpenBSD)
|
||
|
|
||
|
* route.h: introduce "remote_endpoint_ipv6" into "struct route_ipv6_list"
|
||
|
|
||
|
* init.c: pass "ifconfig_ipv6_remote" as gateway to init_route_ipv6_list()
|
||
|
|
||
|
* route.c:
|
||
|
- init_route_ipv6(): use "remote_endpoint_ipv6" as IPv6 gateway address
|
||
|
if no gateway was specified explicitely
|
||
|
|
||
|
- init_route_ipv6_list(): fill in "remote_endpoint_ipv6", if parseable
|
||
|
|
||
|
- get rid of "GATEWAY-LESS ROUTE6" warning
|
||
|
|
||
|
* route.c, add_route_ipv6()
|
||
|
- explicitely clear host bits of base address, to be able to more
|
||
|
easily set up "connected" /64 routes on NetBSD+Darwin
|
||
|
|
||
|
- split system-dependent part between Darwin and NetBSD/OpenBSD
|
||
|
(Darwin can use "-iface tun0", NetBSD/OpenBSD get gateway address)
|
||
|
|
||
|
- change Solaris comments from "known-broken" to "unknown"
|
||
|
|
||
|
* tun.c: rework NetBSD tunnel initialization and tun_read() / tun_write()
|
||
|
to work the same way OpenBSD and NetBSD do - tunnel is put into
|
||
|
"multi-af" mode, and all packet read/write activity is prepended by
|
||
|
a 32 bit value specifying the address family.
|
||
|
|
||
|
* TEST SUCCESS: NetBSD 5.0/Sparc64: client-ipv6 with route-ipv6
|
||
|
|
||
|
* TEST SUCCESS: MacOS X 10.5: client-ipv6 with route-ipv6
|
||
|
|
||
|
* (RE-)TEST SUCCESS: Linux/iproute2: server-ipv6
|
||
|
Linux/ifconfig: client-ipv6
|
||
|
FreeBSD 6.3: server-ipv6
|
||
|
|
||
|
* release as patch 20100103-1
|
||
|
|
||
|
* options.c: document all new options in "--help"
|
||
|
|
||
|
* tun.c: fix typo in Solaris-specific section
|
||
|
|
||
|
* socket.h, socket.c: change u_int32_t to uint32_t
|
||
|
(Solaris - and all the rest of the code uses "uintNN" anyway)
|
||
|
|
||
|
Mon Jan 4 17:46:58 CET 2010
|
||
|
|
||
|
* socket.c: rework add_in6_addr() to use 32-bit access to struct in6_addr
|
||
|
(Solaris has no 16-bit values in union, but this is more elegant as well)
|
||
|
|
||
|
* tun.c: fix "ifconfig inet6" command for Solaris
|
||
|
|
||
|
* tun.c: make sure "tun0 inet6" is unplumbed first, cleanup leftovers
|
||
|
|
||
|
* route.c: add routes with "metric 0" on solaris, otherwise they just
|
||
|
don't work (someone who understands Solaris might want to fix this).
|
||
|
|
||
|
* Solaris "sort of" works now - ifconfig works, route add does not give
|
||
|
errors, "netstat -rn" looks right, but packets are discarded unless
|
||
|
the routes are installed with "metric 0". So we just use "metric 0"...
|
||
|
|
||
|
* CAVEAT: Solaris "ifconfig ... preferred" interferes with source address
|
||
|
selection. So if there are any active IPv6 interfaces configured with
|
||
|
"preferred", packets leaving out the tunnel will use the wrong source
|
||
|
IPv6 address. Not fixable from within OpenVPN.
|
||
|
|
||
|
* CAVEAT2: Solaris insists on doing DHCPv6 on tun0 interfaces by default,
|
||
|
so DHCPv6 solicitation packets will be seen. Since the server end has
|
||
|
no idea what to do with them, they are a harmless nuisance. Fixable
|
||
|
on the Solaris side via "ndpd.conf" (see ``man ifconfig'').
|
||
|
|
||
|
* release as patch 20100104-1
|