Re: Fwd: 10-BETA : some network issues

[Masanobu SAITOH <msaitoh%execsw.org@localhost>]

Hi.

On 2022/12/29 17:32, BERTRAND Joël wrote:
> Gert Doering a écrit :
>> Hi,
>>
>> On Wed, Dec 28, 2022 at 07:30:29PM +0100, BERTRAND Joël wrote:
>>> 	Nobody has any idea?
>>>
>>> 	I have started to investigate without success (tap device) but I don't
>>> understand why openvpn server is seen form lan1 (when netbsd acts as a
>>> router) and not from netbsd server itself...
>>
>> Usually it's a routing issue - when you connect outbound from the 
>> machine running openvpn, it will not use the LAN IP address but the
>> OpenVPN (tun/tap) address.  "ping -I <src-ip> <dst-ip>" will help
>> pinpoint that.
> 
> 	I have tried:
> 
> legendre# ifconfig tap0

I think it would be worth to try vether(4) instead of tap(4).

See:
	https://www.netbsd.org/changes/changes-10.0.html#tap(4)


> tap0: flags=0x8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
>         ec_capabilities=0x5<VLAN_MTU,JUMBO_MTU>
>         ec_enabled=0
>         address: f2:0b:a4:38:bb:42
>         status: no carrier
>         inet6 2001:7a8:a8ed:1::2/64 flags 0x8<DETACHED>
>         inet6 fe80::f00b:a4ff:fe38:bb42%tap0/64 flags 0x8<DETACHED>
> scopeid 0x9
>         inet 192.168.1.2/24 broadcast 192.168.1.255 flags 0x4<DETACHED>
> 
> legendre# ping -I 192.168.1.2 192.168.1.1
> PING rayleigh.systella.fr (192.168.1.1): 56 data bytes
> ^C
> ----rayleigh.systella.fr PING Statistics----
> 52 packets transmitted, 0 packets received, 100.0% packet loss
> legendre#
> 
> 	Other constatation : openvpn server cannot ping openvpn client (netbsd)
> but can ping workstations on lan1 through VPN.
> 
> 	Best regards,
> 
> 	JB

-- 
-----------------------------------------------
                SAITOH Masanobu (msaitoh%execsw.org@localhost
                                 msaitoh%netbsd.org@localhost)