On Thu, 8 Dec 2016, BERTRAND Joël wrote:
Gert Doering a écrit :Hi, On Wed, Dec 07, 2016 at 11:27:29PM +0100, BERTRAND Joël wrote:Even with interfaces up on both sides, tunnel is unusable.What does "unusable" mean, exactly? Is the agr interface down, are packets not being sent to tap0/tap1, are they not passed to openvpn, are they not being received, etc.?No connection. Both OpenVPN links run as expected. But even if agr0 is up (and configured of course with an IP address), no data is received from aggregated interface. I suppose that NetBSD try to send data, but Linux host doesn't receive any packets.You'll need to do some tcpdumping on all interfaces involved to see how far the packets get...Of course, I have tried to check link with tcpdump. WHen I try to ping Linux host from NetBSD, I obtain on agr0 : 10:34:46.034686 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:47.034689 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:48.034682 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:49.034679 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:50.034666 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:51.034655 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:52.034655 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:53.034647 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:54.034642 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:55.034639 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:56.034624 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:57.034635 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:58.034615 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:34:59.034613 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28 10:35:00.034612 ARP, Request who-has 192.168.100.1 tell 192.168.100.2, length 28
Great. You should also run tcpdump on both member links to determine whether or not the agr driver is properly putting packets into those queues.
And if that succeeds, you should then use tcpdump to watch for packets being sent on the "real" interfaces...
(I think this is what the previous responder meant when he said "run tcpdump on all of the involved interfaces...)
If I try to ping NetBSD from Linux, I obtain the same message.
Hopefully, the addresses are reversed! If NetBSD --> Linux says Request who-has 192.168.100.1 tell 192.168.100.2 then Linux --> NetBSD should say Request who-has 192.168.100.2 tell 192.168.100.1 :) +------------------+--------------------------+------------------------+ | Paul Goyette | PGP Key fingerprint: | E-mail addresses: | | (Retired) | FA29 0E3B 35AF E8AE 6651 | paul at whooppee.com | | Kernel Developer | 0786 F758 55DE 53BA 7731 | pgoyette at netbsd.org | +------------------+--------------------------+------------------------+