Now that IPv6 addresses are more common, it is instructive to show how IPv6 addresses are passed from the server to client-side scripts. Basically, all environment variables that existed for IPv4 addresses also exist for IPv6, simply by appending or inserting _ipv6
to the environment variable. In this recipe, we will show you how to process these environment variables.
Install OpenVPN 2.3 or higher on two computers. Make sure that the computers are connected over a network. Set up the client and server certificates using the first recipe from Chapter 2, Client-server IP-only Networks. For this recipe, the server computer was running CentOS 6 Linux and OpenVPN 2.3.10., and the client was running Fedora 22 and OpenVPN 2.3.10. For the server, keep the server configuration file, basic-udp-server.conf
, from the Server-side routing recipe, from Chapter 2, Client-server IP-only Networks.
basic-udp-server.conf
:push "route-ipv6 2001:610:120::111:0:1/96" push "route-ipv6 2001:610:120::222:0:1/96"
example5-8-server.conf
.[root@server]# openvpn --config example5-8-server.conf
client proto udp remote openvpnserver.example.com port 1194 dev tun nobind ca /etc/openvpn/cookbook/ca.crt cert /etc/openvpn/cookbook/client1.crt key /etc/openvpn/cookbook/client1.key tls-auth /etc/openvpn/cookbook/ta.key 1 remote-cert-tls server script-security 2 up "/etc/openvpn/cookbook/example5-8.sh" route-up "/etc/openvpn/cookbook/example5-8.sh"
example5-8-client.conf
.#!/bin/bash exec >> /tmp/example5-10.log 2>&1 date +"%H:%M:%S: START $script_type script ===" export | grep ipv6 date +"%H:%M:%S: END $script_type script ==="
example5-8-script.sh
.example5-8.sh
script is executable, and then start the client:[root@client]# chmod 755 example5-8.sh [root@client]# openvpn --config example5-8-client.conf
/tmp/example5-8.log
:16:19:58: START up script === declare -x ifconfig_ipv6_local="2001:610:120::200:0:1001" declare -x ifconfig_ipv6_netbits="112" declare -x ifconfig_ipv6_remote="2001:610:120::200:0:2" declare -x route_ipv6_gateway_1="2001:610:120::200:0:2" declare -x route_ipv6_gateway_2="2001:610:120::200:0:2" declare -x route_ipv6_network_1="2001:610:120::111:0:1/96" declare -x route_ipv6_network_2="2001:610:120::222:0:1/96" 16:19:58: END up script === 16:19:58: START route-up script === declare -x ifconfig_ipv6_local="2001:610:120::200:0:1001" declare -x ifconfig_ipv6_netbits="112" declare -x ifconfig_ipv6_remote="2001:610:120::200:0:2" declare -x route_ipv6_gateway_1="2001:610:120::200:0:2" declare -x route_ipv6_gateway_2="2001:610:120::200:0:2" declare -x route_ipv6_network_1="2001:610:120::111:0:1/96" declare -x route_ipv6_network_2="2001:610:120::222:0:1/96" 16:19:58: END route-up script ===
The OpenVPN server assigns an IPv6 address to the client and also pushes out two IPv6 routes to the client using the push "route-ipv6 ..."
directive. The client picks up these directives and passes them on to the up
and route-up
scripts. These scripts only show the environment variables that have ipv6
in them, which gives a good overview of the IPv6 settings that are available to scripts and plugins.
18.216.66.30