Project

General

Profile

Actions

Bug #11661

closed

OpenVPN L2 TAP tunnel mac routing table

Added by jo ko over 3 years ago. Updated over 3 years ago.

Status:
Not a Bug
Priority:
Normal
Assignee:
Category:
OpenVPN
Target version:
-
Start date:
03/12/2021
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.5.0
Affected Architecture:

Description

Scenario: OpenVPN: [sense1 client] -> [sense2 server] [sense2 client] -> [sense3 server]

- Servers and clients are bridged to physical port leading to switch.
- When i plug computerA behind sense1 client, and computerB behind sense server3 all works fine.
- When i switch computers with each other, OpenVPN routing table is still pointing to old locations (https://xxx.xxx.xxx.xxx/status_openvpn.php). Means that sense3 server is still pointin computerA to be found behind sense2, and sense2 is pointin it behind sense1

Mac routing table on L2 TAP tunnel SERVER is not refreshing nor timing out (unplugged computer and mac-address still in table after 20hours). Bridge interface mac-table is fine and pointing to right direction on all devices (ifconfig bridge0 addr).

- If it matters, im using qinq's over those tunnels, and hp aruba are connected to sense bridges.

Actions #1

Updated by Jim Pingle over 3 years ago

  • Status changed from New to Not a Bug

That is up to OpenVPN to maintain/expire internally. I don't see any configuration options in the OpenVPN man page which reference ways to control the aging/expiration of learned MAC addresses in tap mode. Since the addresses are held internally in OpenVPN and not the operating system, you should bring this question up with OpenVPN directly, not here.

Actions

Also available in: Atom PDF