[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] localhost routing issue with new OpenVPN install


  • Subject: Re: [Openvpn-users] localhost routing issue with new OpenVPN install
  • From: Fabian Peters <lists.fabian@xxxxxxxxxx>
  • Date: Wed, 11 Jul 2007 20:39:27 +0200

Sorry, I'm resending this so it hopefully won't get wrapped as badly:

Hi all,

I'm facing a strange issue here after having decommissioned an old
OpenVPN setup and replaced it with a new one. The old one was at home
in the 10.100.100.x range, the new one is in 10.10.10.x. My machine
(running OS X 10.4.10) is placed in a small LAN using 10.0.0.x, with
its primary IP being 10.0.0.6 and the router placed at 10.0.0.1.

While OpenVPN is not running, everything's fine. "netstat -rn" shows:

Destination Gateway            Flags   Refs   Use  Netif   Expire
default     10.0.0.1           UGSc      40     8    en0
10/24       link#4             UCS        3     0    en0
10.0.0.1    XX:XX:XX:XX:X:X    UHLW      38    33    en0   1154
10.0.0.6    127.0.0.1          UHS        0     0    lo0
10.0.0.7    XX:XX:XX:XX:X:X    UHLW       1  5001    en0    507
10.0.0.255  ff:ff:ff:ff:ff:ff  UHLWb      0     3    en0
127         127.0.0.1          UCS        0     0    lo0
127.0.0.1   127.0.0.1          UH        10  5865    lo0
169.254     link#7             UC         0     0    fw0

Internet6:
Destination     Gateway            Flags      Netif Expire
::1             link#1             UHL         lo0
fe80::%lo0/64   fe80::1%lo0        Uc          lo0
fe80::1%lo0     link#1             UHL         lo0
fe80::%en1/64   link#5             UC          en1
ff01::/32       ::1                U           lo0
ff02::/32       ::1                UC          lo0
ff02::/32       link#5             UC          en1

On connecting, OpenVPN issues the following commands:

ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask 255.255.255.255 up
route add -net 10.10.10.0 127.0.0.1 255.255.255.0

Which look fine to me and do succeed. "netstat -rn" then shows:

Destination  Gateway          Flags   Refs  Use  Netif Expire
default      10.0.0.1         UGSc      40    9    en0
10/24        link#4           UCS        2    0    en0
10.0.0.1     XX:XX:XX:XX:X:X  UHLW      38   33    en0    936
10.0.0.6     127.0.0.1        UHS        0    0    lo0
10.0.0.7     XX:XX:XX:XX:X:X  UHLW       1  408    en0    289
10.10.10/24  127.0.0.1        UGSc       1    8   tun0
127          127.0.0.1        UCS        0    0    lo0
127.0.0.1    127.0.0.1        UH        14  182    lo0
169.254      link#7           UC         0    0    fw0

Internet6:
Destination     Gateway            Flags      Netif Expire
::1             link#1             UHL         lo0
fe80::%lo0/64   fe80::1%lo0        Uc          lo0
fe80::1%lo0     link#1             UHL         lo0
fe80::%en1/64   link#5             UC          en1
ff01::/32       ::1                U           lo0
ff02::/32       ::1                UC          lo0
ff02::/32       link#5             UC          en1

Connections to the VPN are working flawlessly. But, connections to
127.0.0.1 are now established from the VPN IP. "lsof -i" shows the
following for a lynx-instance connecting to 127.0.0.1:80:

lynx      548      502    3u  IPv4 0x49d6228      0t0  TCP
10.10.10.10:49312->127.0.0.1:http (SYN_SENT)

Why is this and how can I prevent this? This never occurred with my
old VPN installation.

Any hints greatly appreciated!

Fabian

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users