2016-08-25 23:42:16 |
Marco |
bug |
|
|
added bug |
2017-02-20 13:07:38 |
Launchpad Janitor |
network-manager-openvpn (Ubuntu): status |
New |
Confirmed |
|
2017-02-20 13:08:09 |
Adam Collard |
bug watch added |
|
https://bugzilla.gnome.org/show_bug.cgi?id=720097 |
|
2017-02-20 13:08:09 |
Adam Collard |
bug task added |
|
network-manager-openvpn |
|
2017-02-20 13:54:29 |
Bug Watch Updater |
network-manager-openvpn: status |
Unknown |
Fix Released |
|
2017-02-20 13:54:29 |
Bug Watch Updater |
network-manager-openvpn: importance |
Unknown |
Medium |
|
2017-02-20 14:00:47 |
Andreas Hasenack |
bug |
|
|
added subscriber Andreas Hasenack |
2017-02-20 16:53:39 |
Adam Collard |
attachment added |
|
network-manager-openvpn_1.1.93-1ubuntu1_1.1.93-1ubuntu2.diff https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1617098/+attachment/4822836/+files/network-manager-openvpn_1.1.93-1ubuntu1_1.1.93-1ubuntu2.diff |
|
2017-02-20 20:27:50 |
Ubuntu Foundations Team Bug Bot |
tags |
max-routes network-manager openvpn |
max-routes network-manager openvpn patch |
|
2017-02-20 20:27:59 |
Ubuntu Foundations Team Bug Bot |
bug |
|
|
added subscriber Ubuntu Sponsors Team |
2017-02-20 21:08:43 |
Haw Loeung |
bug |
|
|
added subscriber Haw Loeung |
2017-02-21 01:27:00 |
Mathew Hodson |
network-manager-openvpn (Ubuntu): importance |
Undecided |
Medium |
|
2017-02-21 01:29:02 |
Mathew Hodson |
network-manager-openvpn (Ubuntu): importance |
Medium |
Wishlist |
|
2017-02-21 01:29:34 |
Mathew Hodson |
summary |
network-manager-openvpn max-routes support |
Add support for option max-routes |
|
2017-02-21 01:30:12 |
Mathew Hodson |
tags |
max-routes network-manager openvpn patch |
patch xenial |
|
2017-02-21 01:44:35 |
Mathew Hodson |
network-manager-openvpn (Ubuntu): status |
Confirmed |
Triaged |
|
2017-02-23 05:15:07 |
Mathieu Trudel-Lapierre |
nominated for series |
|
Ubuntu Zesty |
|
2017-02-23 05:15:07 |
Mathieu Trudel-Lapierre |
bug task added |
|
network-manager-openvpn (Ubuntu Zesty) |
|
2017-02-23 05:15:07 |
Mathieu Trudel-Lapierre |
nominated for series |
|
Ubuntu Xenial |
|
2017-02-23 05:15:07 |
Mathieu Trudel-Lapierre |
bug task added |
|
network-manager-openvpn (Ubuntu Xenial) |
|
2017-02-23 05:15:15 |
Mathieu Trudel-Lapierre |
network-manager-openvpn (Ubuntu Zesty): status |
Triaged |
Fix Released |
|
2017-02-23 05:15:21 |
Mathieu Trudel-Lapierre |
network-manager-openvpn (Ubuntu Xenial): importance |
Undecided |
Wishlist |
|
2017-02-23 05:15:26 |
Mathieu Trudel-Lapierre |
network-manager-openvpn (Ubuntu Xenial): status |
New |
In Progress |
|
2017-02-23 05:15:34 |
Mathieu Trudel-Lapierre |
removed subscriber Ubuntu Sponsors Team |
|
|
|
2017-02-23 17:58:40 |
Brian Murray |
network-manager-openvpn (Ubuntu Xenial): status |
In Progress |
Incomplete |
|
2017-02-23 17:58:47 |
Brian Murray |
bug |
|
|
added subscriber Brian Murray |
2017-02-24 17:15:47 |
Adam Collard |
description |
Hi,
Currently in Ubuntu 16.04 network-manager-openvpn does not support the openvpn --max-routes switch.
This means that per omission the VPN connection supports 100 routes that can be pushed by the openvpn server to the client. If the openvpn server pushes more 100 routes, which can happen in some cases, the VPN establishment fails.
From OpenVPN manual:
"--max-routes n
Allow a maximum number of n --route options to be specified, either in the local configuration file, or pulled from an OpenVPN server. By default, n=100."
Can you do one of the following?
- Fully support max-routes in the GUI, with an option to choose the value of the max-routes
or, simpler:
- Do not implement the max-routes in the GUI but add '--max-routes 500' for example for all openvpn connection establishments. I mean increase the number of maximum routes for all openvpn connections with network-manager.
There is also a gnome bugzilla related to this issue which was recently closed with a patch: https://bugzilla.gnome.org/show_bug.cgi?id=720097
When can we have the max-route implementation on network-manager-openvpn in ubuntu?
mm:~$ lsb_release -rd
Description: Ubuntu 16.04.1 LTS
Release: 16.04
mm:~$ apt-cache policy network-manager-openvpn
network-manager-openvpn:
Installed: 1.1.93-1ubuntu1
Candidate: 1.1.93-1ubuntu1
Version table:
*** 1.1.93-1ubuntu1 500
500 http://pt.archive.ubuntu.com/ubuntu xenial/universe amd64 Packages
100 /var/lib/dpkg/statusThanks,
mm:~$ apt-cache policy network-manager-openvpn-gnome
network-manager-openvpn-gnome:
Installed: 1.1.93-1ubuntu1
Candidate: 1.1.93-1ubuntu1
Version table:
*** 1.1.93-1ubuntu1 500
500 http://pt.archive.ubuntu.com/ubuntu xenial/universe amd64 Packages
100 /var/lib/dpkg/status
mm:~$ apt-cache policy openvpn
openvpn:
Installed: 2.3.10-1ubuntu2
Candidate: 2.3.10-1ubuntu2
Version table:
*** 2.3.10-1ubuntu2 500
500 http://pt.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
100 /var/lib/dpkg/status
Regards,
Marco |
[Impact]
network-manager-openvpn does not support the openvpn --max-routes switch.
This means that per omission the VPN connection supports 100 routes that can be pushed by the openvpn server to the client. If the openvpn server pushes more than 100 routes, the VPN establishment fails.
From OpenVPN manual:
"--max-routes n
Allow a maximum number of n --route options to be specified, either in the local configuration file, or pulled from an OpenVPN server. By default, n=100."
The attached patch comes from upstream's fix (see linked Gnome bug) and adds a new option to the NM Advanced section for network-manager-openvpn.
[Test Case]
1. Configure an OpenVPN server to push > 100 routes
2. Set up a connection to it using network-manager-openvpn
3. Attempt to connect
Before this fix, the connection would fail, and you'd not be able to resolve it using Network Manager.
After the fix, the connection will fail, but one can use the UI, in the Advanced section, to configure the maximum number of routes to be >= the number sent.
[Regression Potential]
Two broad areas -
1) the UI could be messed up, and make it difficult or impossible to configure VPNs. Or,
2) the establishment of a VPN could fail, both
2.a) with peers that push < 100 routes
2.b) with peers that push > 100 routes |
|
2017-02-24 17:16:15 |
Adam Collard |
network-manager-openvpn (Ubuntu Xenial): status |
Incomplete |
Confirmed |
|
2017-02-24 17:16:48 |
Adam Collard |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2017-02-24 20:34:32 |
Mathieu Trudel-Lapierre |
nominated for series |
|
Ubuntu Yakkety |
|
2017-02-24 20:34:32 |
Mathieu Trudel-Lapierre |
bug task added |
|
network-manager-openvpn (Ubuntu Yakkety) |
|
2017-02-24 20:34:41 |
Mathieu Trudel-Lapierre |
network-manager-openvpn (Ubuntu Yakkety): status |
New |
Triaged |
|
2017-02-24 20:34:45 |
Mathieu Trudel-Lapierre |
network-manager-openvpn (Ubuntu Yakkety): importance |
Undecided |
Wishlist |
|
2017-03-03 20:01:39 |
Steve Langasek |
network-manager-openvpn (Ubuntu Xenial): status |
Confirmed |
Fix Committed |
|
2017-03-03 20:01:44 |
Steve Langasek |
bug |
|
|
added subscriber SRU Verification |
2017-03-03 20:01:49 |
Steve Langasek |
tags |
patch xenial |
patch verification-needed xenial |
|
2017-03-07 18:28:29 |
Marco |
tags |
patch verification-needed xenial |
patch verification-done xenial |
|
2017-03-15 17:26:05 |
Launchpad Janitor |
network-manager-openvpn (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
2017-03-15 17:26:14 |
Brian Murray |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2020-07-21 21:28:29 |
toxi |
bug |
|
|
added subscriber toxi |