diff options
| -rw-r--r-- | .svnignore | 3 | ||||
| -rw-r--r-- | openvpn.8 | 17 |
2 files changed, 18 insertions, 2 deletions
@@ -35,3 +35,6 @@ autom4te*.cache *.asc *.zip *.so +*.merge-left.* +*.merge-right.* +*.working @@ -440,7 +440,7 @@ If unspecified, OpenVPN will bind to all interfaces. .\"********************************************************* .TP .B --remote host [port] -Remote host name or IP address. Multiple +Remote host name or IP address. On the client, multiple .B --remote options may be specified for redundancy, each referring to a different OpenVPN server. @@ -457,13 +457,26 @@ Note that at any given time, the OpenVPN client will at most be connected to one server. -Also, note that since UDP is connectionless, connection failure +Note that since UDP is connectionless, connection failure is defined by the .B --ping and .B --ping-restart options. +Note the following corner case: If you use multiple +.B --remote +options, AND you are dropping root privileges on +the client with +.B --user +and/or +.B --group, +AND the client is running a non-Windows OS, if the client needs +to switch to a different server, and that server pushes +back different TUN/TAP or route settings, the client may lack +the necessary privileges to close and reopen the TUN/TAP interface. +This could cause the client to exit with a fatal error. + If .B --remote is unspecified, OpenVPN will listen |