openvpn是一个不可多得的好软件
而且难得作者还在维护
可以说这个vpn软件不比市场上某些商业性质的vpn差

离开上家公司后
没怎么摆弄openvpn了
最近看到主页上有更新
最新的版本为2.1 rc10
仔细看了一下更新中有一个很有意思的特性

topology subnet feature, allowing intuitive tun-based VPN subnets having 1 IP address per client.

这个特性应该在2.1版本中很早就有
不过一直没有注意到
使用这个特性后，在tun模式下，就不需要每个客户端占用/30大小的子网了，确实很棒，因为之前公司使用openvpn作大规模部署中因为/30子网这个问题带来不少麻烦，现在都解决了。

man page中这样描述

–topology mode
              Configure virtual addressing topology when running in –dev tun mode.  This directive  has  no  meaning  in
              –dev tap mode, which always uses a subnet topology.

              If  you  set  this  directive on the server, the –server and –server-bridge directives will automatically
              push your chosen topology setting to clients as well.  This  directive  can  also  be  manually  pushed  to
              clients.  Like the –dev directive, this directive must always be compatible between client and server.

              mode can be one of:

              net30 — Use a point-to-point topology, by allocating one /30 subnet per client.  This is designed to allow
              point-to-point semantics when some or all of the connecting clients might be Windows systems.  This is  the
              default on OpenVPN 2.0.

              p2p  — Use a point-to-point topology where the remote endpoint of the client’s tun interface always points
              to the local endpoint of the server’s tun interface.  This mode allocates a single IP address per  connect-
              ing  client.   Only use when none of the connecting clients are Windows systems.  This mode is functionally
              equivalent to the –ifconfig-pool-linear directive which is available in OpenVPN 2.0 and is now deprecated.

              subnet  — Use a subnet rather than a point-to-point topology by configuring the tun interface with a local
              IP address and subnet mask, similar to the topology used in –dev tap and  ethernet  bridging  mode.   This
              mode allocates a single IP address per connecting client and works on Windows as well.  Only available when
              server and clients are OpenVPN 2.1 or higher, or OpenVPN 2.0.x which has been  manually  patched  with  the
              –topology  directive  code.  When used on Windows, requires version 8.2 or higher of the TAP-Win32 driver.
              When used on *nix, requires that the tun driver supports an ifconfig(8) command which sets a subnet instead
              of a remote endpoint IP address.

              This option exists in OpenVPN 2.1 or higher.

灵活运用这些变量
会让你编写脚本更加自如

$0
shell或shell脚本的名字
$*
以一对双引号给出参数列表
$@
将各个参数分别加双引号返回
$#
参数的个数
$_
代表上一个命令的最后一个参数
$$
代表所在命令的PID
$!
代表最后执行的后台命令的PID
$?
代表上一个命令执行后的退出状态