[Openvpn-users] localhost routing issue with new OpenVPN install


  • Subject: [Openvpn-users] localhost routing issue with new OpenVPN install
  • From: Fabian Peters <lists.fabian@xxxxxxxxxx>
  • Date: Wed, 11 Jul 2007 20:26:59 +0200

Hi all,

I'm facing a strange issue here after having decommissioned an old  
OpenVPN setup and replaced it with a new one. The old one was at home  
in the 10.100.100.x range, the new one is in 10.10.10.x. My machine  
(running OS X 10.4.10) is placed in a small LAN using 10.0.0.x, with  
its primary IP being 10.0.0.6 and the router placed at 10.0.0.1.

While OpenVPN is not running, everything's fine. "netstat -rn" shows:

Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.0.0.1           UGSc       40        8    en0
10/24              link#4             UCS         3        0    en0
10.0.0.1           XX:XX:XX:XX:X:X    UHLW       38       33    en0   1154
10.0.0.6           127.0.0.1          UHS         0        0    lo0
10.0.0.7           XX:XX:XX:XX:X:X    UHLW        1     5001    en0    507
10.0.0.255         ff:ff:ff:ff:ff:ff  UHLWb       0        3    en0
127                127.0.0.1          UCS         0        0    lo0
127.0.0.1          127.0.0.1          UH         10     5865    lo0
169.254            link#7             UC          0        0    fw0

Internet6:
Destination                              Gateway                         Flags      Netif Expire
::1                                      link#1                          UHL         lo0
fe80::%lo0/64                            fe80::1%lo0                     Uc          lo0
fe80::1%lo0                              link#1                          UHL         lo0
fe80::%en1/64                            link#5                          UC          en1
ff01::/32                                ::1                             U           lo0
ff02::/32                                ::1                             UC          lo0
ff02::/32                                link#5                          UC          en1

On connecting, OpenVPN issues the following commands:

      /sbin/ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask 255.255.255.255 up
      /sbin/route add -net 10.10.10.0 127.0.0.1 255.255.255.0

Which look fine to me and do succeed. "netstat -rn" then shows:

Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.0.0.1           UGSc       40        9    en0
10/24              link#4             UCS         2        0    en0
10.0.0.1           XX:XX:XX:XX:X:X    UHLW       38       33    en0    936
10.0.0.6           127.0.0.1          UHS         0        0    lo0
10.0.0.7           XX:XX:XX:XX:X:X    UHLW        1     6408    en0    289
10.10.10/24        127.0.0.1          UGSc        1        8   tun0
127                127.0.0.1          UCS         0        0    lo0
127.0.0.1          127.0.0.1          UH         14     6182    lo0
169.254            link#7             UC          0        0    fw0

Internet6:
Destination                              Gateway                         Flags      Netif Expire
::1                                      link#1                          UHL         lo0
fe80::%lo0/64                            fe80::1%lo0                     Uc          lo0
fe80::1%lo0                              link#1                          UHL         lo0
fe80::%en1/64                            link#5                          UC          en1
ff01::/32                                ::1                             U           lo0
ff02::/32                                ::1                             UC          lo0
ff02::/32                                link#5                          UC          en1

Connections to the VPN are working flawlessly. But connections to
127.0.0.1 are now established from the VPN IP. "lsof -i" shows the
following for a lynx instance connecting to 127.0.0.1:80:

lynx      548      502    3u  IPv4 0x49d6228      0t0  TCP 10.10.10.10:49312->127.0.0.1:http (SYN_SENT)

Why is this and how can I prevent this? This never occurred with my  
old VPN installation.

Any hints greatly appreciated!