Page MenuHomePhabricator

OpenVPN push route failure
Closed, ResolvedPublic

Description

OpenVPN push route statements cause config failure:

set interfaces openvpn vtun0 server push-route '10.1.2.0/24'
set interfaces openvpn vtun0 server push-route '10.2.2.0/24'

The tunnel config is removed entirely on boot.

I was able to fix the problem with this patch:

--- /usr/libexec/vyos/conf_mode/interface-openvpn.py.orig       2019-08-20 13:52:16.000000000 -0400
+++ /usr/libexec/vyos/conf_mode/interface-openvpn.py    2019-08-27 14:00:29.893976900 -0400
@@ -522,9 +522,10 @@

     # Route to be pushed to all clients
     if conf.exists('server push-route'):
-        network = conf.return_value('server push-route')
-        tmp = IPv4Interface(network).with_netmask
-        openvpn['server_push_route'] = tmp.replace(r'/', ' ')
+        openvpn['server_push_route']=[]
+        for network in conf.return_values('server push-route'):
+            tmp = IPv4Interface(network).with_netmask
+            openvpn['server_push_route'].append(tmp.replace(r'/', ' '))

     # Reject connections from clients that are not explicitly configured
     if conf.exists('server reject-unconfigured-clients'):

Details

Difficulty level
Unknown (require assessment)
Version
1.2-rolling-201908210337
Why the issue appeared?
Will be filled on close

Event Timeline

brianmarcotte created this object in space S1 VyOS Public.
c-po claimed this task.Aug 27 2019, 7:41 PM
c-po closed this task as Resolved.Aug 27 2019, 8:19 PM
c-po triaged this task as High priority.
c-po added a project: VyOS 1.3 Equuleus.
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Oct 13 2019, 3:06 PM