Date: Thu, 23 Jul 2020 10:59:38 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 248172] if_tuntap(4): OpenVPN configuring tun/tap devices ends up with IFDISABLED interfaces Message-ID: <bug-248172-7501-QsZGU0mqMS@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-248172-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-248172-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D248172 --- Comment #19 from Gert Doering <gert@greenie.muc.de> --- (In reply to Andrey V. Elsukov from comment #17) Thanks for the explanation. I wonder if there is an easy way to trace these scripts, to see when exactly something was ifconfig'ed? I've sprinkled the pccard_ether script with "logger" commands now, and I can see that it will not touch the tun0 interface "if it is already up" (in pccard_ether_start()). In that case, I have no IFDISABLE. If I do "ifconfig tun0 create" by hand, I see it enters quietstart, and I do get IFDISABLE. The added "logger" commands do modify the timing, so it's indeed a race condition. If I have no loggers in the script *before* the decisions about= "is this interface already up or not" are made, I can see it go to quietstart, = and OpenVPN and the kernel message confirm "now it's IFDISABLED". Jul 23 12:50:09 fbsd-tc root[74575]: pccard_ether_start, ifn=3Dtun0 Jul 23 12:50:09 fbsd-tc root[74579]: pccard_ether_start, quietstart Jul 23 12:50:10 fbsd-tc kernel: nd6_dad_timer: cancel DAD on tun0 because of ND6_IFF_IFDISABLED. This is good news, actually, because it turns out to be "very likely not a kernel bug". Apologies for jumping to a conclusion here. On the other hand it's bad news, because I do not know how to fix this "for good". If an OpenVPN user does not have IPv6 enabled on his regular LAN interfaces, he might not have ipv6_activate_all_interfaces=3D"YES" set. Even for someone who *has* IPv6 active (like, me, on that test box) that setting might not be set - because having "ifconfig_em0_ipv6" and "ipv6_defaultrouter" are perfectly fine to get what I want ("a static v6 address + default route"). But they want IPv6 to work inside the tunnel, if their VPN server has worki= ng v6 (it might be their only way to reach the IPv6 Internet). So what should I do? Stick to "sleep(1); ifconfig tun0 inet6 -ifdisabled"? --=20 You are receiving this mail because: You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-248172-7501-QsZGU0mqMS>