Project

General

Profile

Actions

Bug #13358

closed

Traffic to OpenVPN DCO RA clients above the first available tunnel IP address is incorrectly routed

Added by Steve Wheeler over 2 years ago. Updated almost 2 years ago.

Status:
Resolved
Priority:
High
Category:
OpenVPN
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Release Notes:
Default
Affected Plus Version:
22.05
Affected Architecture:
All

Description

Traffic from hosts in the local subnet, for example a server on LAN, can only reach the first assign RA client when DCO is enabled. This includes reply traffic.

Traffic to subsequent clients is incorrectly routed. For example:

steve@steve-Standard-PC-i440FX-PIIX-1996:~$ ping 10.1.9.2
PING 10.1.9.2 (10.1.9.2) 56(84) bytes of data.
64 bytes from 10.1.9.2: icmp_seq=1 ttl=63 time=0.482 ms
^C
--- 10.1.9.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.482/0.482/0.482/0.000 ms
steve@steve-Standard-PC-i440FX-PIIX-1996:~$ ping 10.1.9.3
PING 10.1.9.3 (10.1.9.3) 56(84) bytes of data.
From 10.1.9.1 icmp_seq=1 Redirect Host(New nexthop: 0.0.0.0)
From 10.1.9.1 icmp_seq=1 Redirect Host(New nexthop: 0.0.0.0)
From 10.1.9.1 icmp_seq=1 Redirect Host(New nexthop: 0.0.0.0)

More details to follow.

Actions

Also available in: Atom PDF