puppet - openvpn free_gateway_address is never removed from network interface
if you disable free access to an openvpn gateway, the interface will still include the old free_gateway_address.
this is due to the way the script works that adds the address:
#!/bin/sh ip addr show dev <%= @interface %> | grep -q <%= @openvpn_gateway_address %>/24 || ip addr add <%= @openvpn_gateway_address %>/24 dev <%= @interface %> <% if @openvpn_allow_free %> ip addr show dev <%= @interface %> | grep -q <%= @openvpn_free_gateway_address %>/24 || ip addr add <%= @openvpn_free_gateway_address %>/24 dev <%= @interface %> <% end %> /bin/echo 1 > /proc/sys/net/ipv4/ip_forward
it only adds it, never deletes it. the problem is that if @openvpn_allow_free is false, then @openvpn_free_gateway_address is probably undefined.
perhaps it could be written to delete any address that is is neither @openvpn_gateway_address or the primary ip.
(from redmine: created on 2013-02-28)