This simplify network configuration a lot, and on recent kernels, this fixes
wrong source address for extra interfaces that already have a public IP.

Generating them takes a lot of time and there's no reason to do this by default.
We keep --dh option in 're6stnet' to not break existing configuration.

We consider using sockets to communicate with OpenVPN, via --management option.

UDP protocol is useless if nothing is done to prevent fragmentation.
Otherwise, it is at best unefficient.

There exist routers on the internet that filter fragmented packets with specific
data. This is hard to debug because TCP connections hang randomly when there is
no OpenVPN encryption.

Now, only TCP is enabled by default. A second protocol should be there for
better performance when possible, either existing UDP one (provided it is
guaranteed there is no fragmentation) or something better (GRE ?).

This is a common misconfiguration that may break internet acces for other peers.

We also stop checking for child process termination when used without tunnel
manager (i.e. with --client or --client-count=0) because it conflicts with the
'ip route' command that is called every minute if --table=0 is used.
Anyway, with a tunnel manager, only openvpn client are watched.

This replaces --connection-count, for more customization, but without requiring
more configuration from the user.

Co-written with Ulysse