{"id":5740,"date":"2021-07-02T16:18:42","date_gmt":"2021-07-02T13:18:42","guid":{"rendered":"https:\/\/skeletor.org.ua\/?p=5740"},"modified":"2021-07-02T16:20:18","modified_gmt":"2021-07-02T13:20:18","slug":"openvpn-multihome-%d0%b8%d0%bb%d0%b8-%d0%bd%d0%b5%d1%81%d0%ba%d0%be%d0%bb%d1%8c%d0%ba%d0%be-%d0%ba%d0%b0%d0%bd%d0%b0%d0%bb%d0%be%d0%b2","status":"publish","type":"post","link":"https:\/\/skeletor.org.ua\/?p=5740","title":{"rendered":"OpenVPN: multihome \u0438\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u0430\u043d\u0430\u043b\u043e\u0432"},"content":{"rendered":"\n<p>\u0421\u0435\u0439\u0447\u0430\u0441 \u0432\u0441\u0451 \u0447\u0430\u0449\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0441\u0440\u0430\u0437\u0443 \u043a \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430\u043c. \u041f\u043e\u044d\u0442\u043e\u043c\u0443, \u043e\u0441\u0442\u0440\u043e \u0441\u0442\u043e\u0438\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432, \u043d\u0435\u0432\u0430\u0436\u043d\u043e \u043a \u043a\u0430\u043a\u043e\u043c\u0443 \u0438\u0437 \u043a\u0430\u043d\u0430\u043b\u043e\u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432\u044b \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u043b\u0438\u0441\u044c. \u0423 <strong>OpenVPN <\/strong>\u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0435\u0441\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e &#8220;\u0445\u0430\u043a\u043e\u0432&#8221;.<\/p>\n\n\n<p><!--more--><\/p>\n\n\n<p><strong>multihome<\/strong>: \u043e\u043f\u0446\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0435 <strong>server&#8217;a <\/strong>(\u0447\u0442\u043e \u0431\u044b \u0437\u0430\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u043e, \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043d\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0435 <strong>nobind<\/strong>). \u0412\u043e\u0442 \u043f\u043e\u043b\u043d\u0430\u044f \u0432\u044b\u0434\u0435\u0440\u0436\u043a\u0430 \u0438\u0437 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p><span style=\"color:#0075a3\" class=\"has-inline-color\">Configure a multi-homed UDP server. This option needs to be used when a server has more than one IP address (e.g. multiple interfaces, or secondary IP addresses), and is not using &#8211;local to force binding to one specific address only. This option will add some extra lookups to the packet path to ensure that the UDP reply packets are always sent from the address that the client is talking to. This is not supported on all platforms, and it adds more processing, so it&#8217;s not enabled by default.&nbsp;<\/span><\/p><p><span style=\"color:#0075a3\" class=\"has-inline-color\">Note: this option is only relevant for UDP servers.<\/span><\/p><p><span style=\"color:#0075a3\" class=\"has-inline-color\">Note 2: if you do an IPv6+IPv4 dual-stack bind on a Linux machine with multiple IPv4 address, connections to IPv4 addresses will not work right on kernels before 3.15, due to missing kernel support for the IPv4-mapped case (some distributions have ported this to earlier kernel versions, though).<\/span><\/p><p><span style=\"color:#0075a3\" class=\"has-inline-color\">Note 3: clients connecting to a &#8211;multihome server should always use the &#8211;nobind option.<\/span><\/p><\/blockquote>\n\n\n\n<p>\u0415\u0441\u043b\u0438 \u044d\u0442\u043e\u0442 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0443 \u0432\u0430\u0441 <strong>FreeBSD<\/strong>) \u0442\u043e \u043d\u0430 \u043f\u043e\u043c\u043e\u0449\u044c \u043f\u0440\u0438\u0434\u0451\u0442 <strong>workaround<\/strong>, \u043f\u0440\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0441\u043e\u0437\u0434\u0430\u0451\u043c \u043d\u0430 \u043a\u0430\u0436\u0434\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043f\u043e \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u043c\u0443 \u043a\u043e\u043d\u0444\u0438\u0433\u0443 \u0438 \u0436\u0451\u0441\u0442\u043a\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c <strong>local &lt;IP><\/strong>, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0431\u0435\u0437 \u043e\u043f\u0446\u0438\u0438 <strong>multihome<\/strong>. <\/p>\n\n\n\n<p><a href=\"https:\/\/community.openvpn.net\/openvpn\/ticket\/442\" target=\"_blank\" rel=\"noreferrer noopener\">\u0417\u0434\u0435\u0441\u044c <\/a>\u043e\u043f\u0438\u0441\u0430\u043d\u043e \u0434\u043b\u044f \u043a\u0430\u043a\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0438 \u043a\u0430\u043a \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 <strong>multihome<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u0421\u0435\u0439\u0447\u0430\u0441 \u0432\u0441\u0451 \u0447\u0430\u0449\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0441\u0440\u0430\u0437\u0443 \u043a \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430\u043c. \u041f\u043e\u044d\u0442\u043e\u043c\u0443, \u043e\u0441\u0442\u0440\u043e \u0441\u0442\u043e\u0438\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432, \u043d\u0435\u0432\u0430\u0436\u043d\u043e \u043a \u043a\u0430\u043a\u043e\u043c\u0443 \u0438\u0437 \u043a\u0430\u043d\u0430\u043b\u043e\u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432\u044b \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u043b\u0438\u0441\u044c. \u0423 OpenVPN \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0435\u0441\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e &#8220;\u0445\u0430\u043a\u043e\u0432&#8221;.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10,13],"tags":[],"class_list":["post-5740","post","type-post","status-publish","format-standard","hentry","category-others","category-security"],"_links":{"self":[{"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/posts\/5740","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5740"}],"version-history":[{"count":2,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/posts\/5740\/revisions"}],"predecessor-version":[{"id":5742,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/posts\/5740\/revisions\/5742"}],"wp:attachment":[{"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5740"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5740"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5740"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}