Re: kern/57155: OpenVPN (tap and tun) doesn't run as expected on 10.0_BETA

To: gnats-bugs%netbsd.org@localhost, kern-bug-people%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
Subject: Re: kern/57155: OpenVPN (tap and tun) doesn't run as expected on 10.0_BETA
From: BERTRAND Joël <joel.bertrand%systella.fr@localhost>
Date: Wed, 4 Jan 2023 08:29:53 +0100

Ryota Ozaki a écrit :
>  I've installed NetBSD 10 on Linux KVM and tested with them.  The guest
>  is under NAT in my setup.  OpenVPN is installed via pkg_add.

	I have seen this issue on my main server (that was installed with 7.2
if I remember and upgraded until 10_BETA) and on a fresh install in a VM
(KVM). I have built openvpn from pkgsrc.

>  netbsd10# uname -a
>  NetBSD netbsd10 10.0_BETA NetBSD 10.0_BETA (GENERIC) #0: Sat Dec 31
>  04:55:53 UTC 2022
>  mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/amd64/compile/GENERIC
>  amd64
>  netbsd10# pkg_info openvpn |head -1
>  Information for openvpn-2.5.7nb1:

 	Mine is OpenVPN 2.5.8 (on both systems).

>  With the simple openvpn setups below, ping between the client and the serve=
>  r
>  works for me.
>  
>  [host]
>  openvpn --remote 192.168.122.11 --dev tun1 --ifconfig 10.4.0.1 10.4.0.2 --v=
>  erb 1
>  
>  [guest]
>  openvpn --remote 192.168.0.100 --dev tun1 --ifconfig 10.4.0.2 10.4.0.1
>  --verb 1 --float --ping 10
>  
>  [ping from guest]
>  netbsd10# ping -n -c 1 10.4.0.1
>  PING 10.4.0.1 (10.4.0.1): 56 data bytes
>  64 bytes from 10.4.0.1: icmp_seq=3D0 ttl=3D64 time=3D1.250718 ms
>  
>  ----10.4.0.1 PING Statistics----
>  1 packets transmitted, 1 packets received, 0.0% packet loss
>  round-trip min/avg/max/stddev =3D 1.250718/1.250718/1.250718/0.000000 ms

	Client configuration:

rport 1194
lport 1194
proto udp
dev tun (or dev tap)
remote xxx.yyy.zzz.ttt
float
client
tls-client
remote-cert-tls server
ca ...
cert ...
key ...
comp-lzo adaptative
verb 3
keepalive 5 30
passtos

	Note that

>  The difference of the results may come from differences between my and your
>  environments.  My NetBSD 10 is fresh and doesn't enable networking
>  services/daemons that affect the result other than openvpn.

	I can understand daemons can produce this issue, but in my VM, I only
have installed a system from official BETA 10.0 iso and only added openvpn.

	Regards,

	JKB

Follow-Ups:
- Re: kern/57155: OpenVPN (tap and tun) doesn't run as expected on 10.0_BETA
  - From: Ryota Ozaki

References:
- Re: kern/57155: OpenVPN (tap and tun) doesn't run as expected on 10.0_BETA
  - From: Ryota Ozaki

Prev by Date: Re: kern/57155: OpenVPN (tap and tun) doesn't run as expected on 10.0_BETA
Next by Date: Re: kern/57155: OpenVPN (tap and tun) doesn't run as expected on 10.0_BETA
Previous by Thread: Re: kern/57155: OpenVPN (tap and tun) doesn't run as expected on 10.0_BETA
Next by Thread: Re: kern/57155: OpenVPN (tap and tun) doesn't run as expected on 10.0_BETA
Indexes:

Home | Main Index | Thread Index | Old Index