{"id":2512,"date":"2015-07-03T12:44:13","date_gmt":"2015-07-03T11:44:13","guid":{"rendered":"http:\/\/kudzia.eu\/b\/?p=2512"},"modified":"2015-07-03T12:44:13","modified_gmt":"2015-07-03T11:44:13","slug":"openvpn-point-to-point-server-listening-both-on-v4-and-v6","status":"publish","type":"post","link":"https:\/\/kudzia.eu\/b\/2015\/07\/openvpn-point-to-point-server-listening-both-on-v4-and-v6\/","title":{"rendered":"openvpn point-to-point server listening both on v4 and v6"},"content":{"rendered":"

at work i have openvpn between OVH dedicated server and our datacenter. due to varying bandwidth we sometimes use udp over ipv6 and sometimes over ipv4 as an encapsulation method. whenever we did the switch we always had to reconfigure both ends of the tunnel. it turns out that with recent openvpns and kernels it’s possible to have single server config that listens on both v4 and v6.
\n<\/p>\n

on the server side i used to reconfigure from:<\/p>\n

\r\nlocal 2001:1122:1:123::2\r\nport 1234\r\nproto udp6\r\n<\/pre>\n
to<\/p>\n
\r\nlocal 123.45.67.89\r\nport 1234\r\nproto udp\r\n<\/pre>\n
and on the client side from:<\/p>\n
\r\nremote 2001:1122:1:123::2 1234\r\nproto udp\r\n<\/pre>\n
to<\/p>\n
\r\nremote 123.45.67.89 1234\r\nproto udp\r\n<\/pre>\n
with recent kernels [ >=3.15] , using openvpn >2.3.1 it’s possible to have the server listen on both v4 and v6. so my new server code includes:<\/p>\n
\r\n# there's no more listen here!\r\nport 1806\r\nmultihome\r\nproto udp6\r\n<\/pre>\n
and client has either:<\/p>\n
\r\nremote 123.45.67.89 1234 udp\r\n<\/pre>\n
or<\/p>\n
\r\nremote 2001:1122:1:123::2 1234 udp6\r\n<\/pre>\n
one thing less to edit in the middle of the night : ]<\/p>\n
helpful resources: https:\/\/community.openvpn.net\/openvpn\/ticket\/306<\/p>\n","protected":false},"excerpt":{"rendered":"
at work i have openvpn between OVH dedicated server and our datacenter. due to varying bandwidth we sometimes use udp over ipv6 and sometimes over ipv4 as an encapsulation method. whenever we did the switch we always had to reconfigure both ends of the tunnel. it turns out that with recent openvpns and kernels it’s […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[51],"tags":[47,89],"class_list":["post-2512","post","type-post","status-publish","format-standard","hentry","category-unimportant","tag-linux-networking","tag-openvpn"],"_links":{"self":[{"href":"https:\/\/kudzia.eu\/b\/wp-json\/wp\/v2\/posts\/2512","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kudzia.eu\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kudzia.eu\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kudzia.eu\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kudzia.eu\/b\/wp-json\/wp\/v2\/comments?post=2512"}],"version-history":[{"count":1,"href":"https:\/\/kudzia.eu\/b\/wp-json\/wp\/v2\/posts\/2512\/revisions"}],"predecessor-version":[{"id":2513,"href":"https:\/\/kudzia.eu\/b\/wp-json\/wp\/v2\/posts\/2512\/revisions\/2513"}],"wp:attachment":[{"href":"https:\/\/kudzia.eu\/b\/wp-json\/wp\/v2\/media?parent=2512"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kudzia.eu\/b\/wp-json\/wp\/v2\/categories?post=2512"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kudzia.eu\/b\/wp-json\/wp\/v2\/tags?post=2512"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}