Browse code
svn merge -r 585:599 https://svn.openvpn.net/projects/openvpn/trunk 2.1_beta1
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@600 e7ae566f-a301-0410-adde-c780ea21d3b5
james authored on 2005/10/12 21:04:14Showing 2 changed files
| ... | ... |
@@ -440,7 +440,7 @@ If unspecified, OpenVPN will bind to all interfaces. |
| 440 | 440 |
.\"********************************************************* |
| 441 | 441 |
.TP |
| 442 | 442 |
.B --remote host [port] |
| 443 |
-Remote host name or IP address. Multiple |
|
| 443 |
+Remote host name or IP address. On the client, multiple |
|
| 444 | 444 |
.B --remote |
| 445 | 445 |
options may be specified for redundancy, each referring |
| 446 | 446 |
to a different OpenVPN server. |
| ... | ... |
@@ -457,13 +457,26 @@ Note that at any given time, the OpenVPN client |
| 457 | 457 |
will at most be connected to |
| 458 | 458 |
one server. |
| 459 | 459 |
|
| 460 |
-Also, note that since UDP is connectionless, connection failure |
|
| 460 |
+Note that since UDP is connectionless, connection failure |
|
| 461 | 461 |
is defined by the |
| 462 | 462 |
.B --ping |
| 463 | 463 |
and |
| 464 | 464 |
.B --ping-restart |
| 465 | 465 |
options. |
| 466 | 466 |
|
| 467 |
+Note the following corner case: If you use multiple |
|
| 468 |
+.B --remote |
|
| 469 |
+options, AND you are dropping root privileges on |
|
| 470 |
+the client with |
|
| 471 |
+.B --user |
|
| 472 |
+and/or |
|
| 473 |
+.B --group, |
|
| 474 |
+AND the client is running a non-Windows OS, if the client needs |
|
| 475 |
+to switch to a different server, and that server pushes |
|
| 476 |
+back different TUN/TAP or route settings, the client may lack |
|
| 477 |
+the necessary privileges to close and reopen the TUN/TAP interface. |
|
| 478 |
+This could cause the client to exit with a fatal error. |
|
| 479 |
+ |
|
| 467 | 480 |
If |
| 468 | 481 |
.B --remote |
| 469 | 482 |
is unspecified, OpenVPN will listen |