Re: IPv6 in network-manager-openvpn

[Dan Williams <dcbw redhat com>]

On Wed, 2013-12-18 at 01:04 +0100, Tore Anderson wrote:
> * Tore Anderson
>
> > I'm working on setting up a test VPN server where I can reproduce it and
> > generate a backtrace to share (I don't dare to do that towards my
> > employer's VPN server).
>
> Ok, so now I have a dual-stacked OpenVPN test server running and I've
> reproduced the problem there. It's all F20 RPMs, except that Nicolas
> Iooss' patches was applied on top of NetworkManager-openvpn[-gnome].
>
> I've attached the backtrace that ABRT grabbed after the crash happened.
>
> In case you or anyone else want to reproduce it, the test server is
> greed.fud.no (87.238.35.145, 2a02:c0:1001:100::145), port 1194/tcp, LZO
> compression enabled. It pushes two routes: 10.20.30.0/24 and
> 2001:db8:1::/64. 10.20.30.40 and 2001:db8:1::1 should respond to pings
> via the tunnel. Use the sample certificates included with OpenVPN - also
> available at http://fud.no/nm-openvpn-ipv6/ along with the server's
> config file. Prebuilt F20 RPMs of NetworkManager-openvpn[-gnome] with
> the IPv6 patches applied are also found there.

I poked at this today, using this config and your openvpn-2.4.0 RPMs:

[connection]
id=openvpn IPv6
uuid=3c0ca914-7855-4dc1-9d55-2eea4050ecb3
type=vpn
autoconnect=false

[vpn]
service-type=org.freedesktop.NetworkManager.openvpn
comp-lzo=yes
remote=87.238.35.145
ca=/usr/share/doc/openvpn/sample/sample-keys/ca.crt
cert=/usr/share/doc/openvpn/sample/sample-keys/client.crt
connection-type=tls
cert-pass-flags=0
key=/usr/share/doc/openvpn/sample/sample-keys/client.key

[ipv6]
method=auto

[ipv4]
method=auto

but got no response from the server.  Is it still up and configured?
I've at least verified that the NM-openvpn IPv6 changes don't cause
problems for my existing openvpn configurations, so that's progress at
least.

Dan