If I have any existing running apps that bound to the openvpn interface to either listen or send, then if the openvpn tunnel dies and reconnects the netns is recreated fine, with the same name and IP, but the apps that were previously running in the netns can't reach the network any more ... it seems that even though the netns is recreated and has the same name, it's a different interface than the previous one. I have to restart ALL apps everywhere ...
This isn't a safe "set it and forget it" approach. To fix this, the net namespace and interface should not be destroyed (like they are now) upon disconnection/reconnection ... this should be possible, and only change the IP address of the interface upon reconnection.
For example (this is old, needs updating): https://austinjadams.com/blog/running-select-applications-through-openvpn/
Better yet, one could actually run openvpn itself under the net namespace:
https://gist.github.com/Schnouki/fd171bcb2d8c556e8fdf or https://gist.github.com/Ernillew/aa0a13e738d2165878111801c5144d18
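Added example (not part of the original post and not the project's code): a check for processes stranded in the old namespace after a reconnect. It compares the namespace inode behind `/proc/<pid>/ns/net` with the inode of the currently bind-mounted named namespace. The namespace name `vpn`, the PIDs and the sample inode numbers are constructed assumptions.

```python
import os
import re
import sys

NETNS_DIR = "/var/run/netns"   # where `ip netns add` bind-mounts named namespaces
NS_LINK = re.compile(r"^net:\[(\d+)\]$")


def parse_ns_link(link):
    """Extract the inode from a /proc/<pid>/ns/net target like 'net:[4026532567]'."""
    m = NS_LINK.match(link)
    if m is None:
        raise ValueError(f"unexpected namespace link: {link!r}")
    return int(m.group(1))


def named_netns_inode(name):
    """Inode of the namespace currently mounted under the given name."""
    return os.stat(os.path.join(NETNS_DIR, name)).st_ino


def read_proc_links(pids):
    """Map each live PID to its net namespace link; skip exited/unreadable PIDs."""
    links = {}
    for pid in pids:
        try:
            links[pid] = os.readlink(f"/proc/{pid}/ns/net")
        except OSError:
            continue
    return links


def stale_pids(current_inode, proc_links):
    """PIDs whose namespace is not the one the name points at right now."""
    return sorted(pid for pid, link in proc_links.items()
                  if parse_ns_link(link) != current_inode)


# Constructed sample: the name was recreated as inode 4026532701, but two
# apps started before the reconnect still hold the old namespace (…567).
SAMPLE_CURRENT = 4026532701
SAMPLE_LINKS = {
    1402: "net:[4026532567]",
    1455: "net:[4026532567]",
    2210: "net:[4026532701]",
}

if __name__ == "__main__":
    # Usage (as root): script.py <netns-name> <pid> [<pid> ...]
    name, pids = sys.argv[1], [int(p) for p in sys.argv[2:]]
    print(stale_pids(named_netns_inode(name), read_proc_links(pids)))
```

Any PID it reports is still attached to the destroyed namespace's successor-less copy and has to be restarted inside the recreated one.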