From owner-freebsd-net@freebsd.org Sat Feb 6 20:47:05 2016 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 83CC9AA0E38 for ; Sat, 6 Feb 2016 20:47:05 +0000 (UTC) (envelope-from guyyur@gmail.com) Received: from mail-oi0-x229.google.com (mail-oi0-x229.google.com [IPv6:2607:f8b0:4003:c06::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4F8B7973; Sat, 6 Feb 2016 20:47:05 +0000 (UTC) (envelope-from guyyur@gmail.com) Received: by mail-oi0-x229.google.com with SMTP id s2so61467285oie.2; Sat, 06 Feb 2016 12:47:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=ChBIuoyVofn5d0OyKtyEF+IaBQU/rT1gPO1e74GljZM=; b=KYSmigzJPW/kmT5LMOEe7IJkGg5E3/7D1Cc1MvvmDHWVQrMkCZOlXrXTfB5cJs8OPT ytbFrafYu85V/q2H4iLDnQZX/PmJa/sKd25/+hTEPUKcugbh+OYqag9LdoVpigRKZLU6 GiEvCbYhuGT+D0WSQAfHu5E0Dq95CDpTRWeQrVmNtAiqea5gfii2JvZHaNhyPCCNdP0k 3qMjYHVIDP/HYOGpmtm37a+Uc3/javMuut1mcNkei6b8cdYKwez8naW8Fgd9h42rrWby pLm4tqMcvgKvgEA5D0iJ+nnV1oZfeuZGwQUsJo66W/Id4V6/tfFTDHD4O2mqg5YgGUWR n6fw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=ChBIuoyVofn5d0OyKtyEF+IaBQU/rT1gPO1e74GljZM=; b=LEWEtPGB8rxVZiiMQnBDyzfnl2yi8VFwJXTx0S/oqtt0W4/S4TY3o+ia+ql2coYnld MbfTX6hik6YS0n7knJxH9AGV9CkPZrxjz5ft/wuaO6XQPISfgsqHRvd9qLo09Zha5t+r q+8M3flwX442/Z6or2AHXVr+CbJ/eAluMYMA/ZFiPO5o86SgRL9wbDWl40hvF67ux/7H B2NsQJwTMSqM1ci/aspuyD9xuL5h2GxDRLuV8r+rLJr6Hq6sOXpGCZRy+ZFzA4k1E9h7 kecFaP6PMes/d8AuCYy0WW+lG8YthrSlwUl33BKl7QsCDkFLFckr0tk11O8Sah35qPX8 s8lA== X-Gm-Message-State: AG10YOTcQk5IvkjsmCpzZSGea1kIWeSOedvCoU684HxRTZE3qUs4TlZYhUZxYnIjgckF7guSOuGH/UUCR2T09w== MIME-Version: 1.0 X-Received: by 10.202.85.88 with SMTP id j85mr13214890oib.28.1454791623922; Sat, 06 Feb 2016 12:47:03 -0800 (PST) Received: by 10.76.34.202 with HTTP; Sat, 6 Feb 2016 12:47:03 -0800 (PST) Date: Sat, 6 Feb 2016 22:47:03 +0200 Message-ID: Subject: openvpn tunnel subnet route netif is lo0 instead of tun0 From: Guy Yur To: freebsd-net@freebsd.org, melifaro@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Feb 2016 20:47:05 -0000 Hi, Between r286965 and r294555 openvpn ipv4 route added for subnet topology on the server started being associated with lo0 instead of tun0. This causes routing problems for clients other than the first. Reverting r293159 solves the problem. With r293159 the RTF_GATEWAY flag is not removed before calling rtrequest1_fib. I added some prints and I see rib_lookup_info returns 0 and ss.ss_family is 0. Commands to replicate the issue manually: ifconfig tun1 create ifconfig tun1 192.168.170.1 192.168.170.2 mtu 1500 netmask 255.255.255.0 up route add -net 192.168.170.0 192.168.170.1 255.255.255.0 Bad route for 192.168.170.0/24 with r293159: # netstat -rnf inet | grep -e Destination -e 192.168.170 Destination Gateway Flags Netif Expire 192.168.170.0/24 192.168.170.1 UGS lo0 192.168.170.1 link#4 UHS lo0 192.168.170.2 link#4 UH tun1 Good route for 192.168.170.0/24 with r293159 reverted: # netstat -rnf inet | grep -e Destination -e 192.168.170 Destination Gateway Flags Netif Expire 192.168.170.0/24 192.168.170.1 UGS tun1 192.168.170.1 link#4 UHS lo0 192.168.170.2 link#4 UH tun1 -- Guy