Hello Rafael,
I've sent my configuration to Alberto. I sent the config only to him by
mistake. I attach the configs below.
Alberto had some remarks/advices connected with mtu. I changed it in
config and the log now is clean.
The problem still exists but I suppose that it is not openvpn but some
other bug connected with routing.
I use 169.254.1.0/24 IP range behind NAT in office and 169.254.3.0/24
for computers connecting by OpenVPN. The router of both networks and
OpenVPN server runs on the same machine.
I installed fresh Debian testing on some laptop and tried to connect it
to 169.254.1.0/24 network. During the installation the connection was
working, all packets were downloaded.
After reboot I could not connect to the Internet. DHCP correctly assigns
IP. I can see the computers in 169.254.1.0 network. I can not
connect/ping the computers outside.
The getaway is working correctly (many computers use it, even the same
laptop when running Windows).
When I connect the laptop to other network like 10.x.x.x, it works.
Packages from the laptop don't reach the router when directed outside
the network.
I usually don't use this subnet for my laptop. I connect to it only via
VLAN. I noticed that when I try to route the traffic trough the getway
of 169.254.1.0/24 it doesn't work. It was working some time ago, I used
it for some testing.
The range 169.254.0.0/8 is used by zeroconf. I suppose that Debian
started to treat it differently than other private IP ranges. So I
suppose that the problem is not connected with openvpn. It is getting an
off-topic... but maybe you know something about changing routing
behaviour? I wonder where to address the bug report/question?
Regards,
Maciek
I paste only uncommented lines.
server.conf
port 1194
proto udp
dev tun0
tun-mtu 1500;
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
server 169.254.3.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 169.254.1.0 255.255.255.0"
push "route 192.168... and other 3 networks
push "redirect-gateway def1"
push "dhcp-option DNS x.x.x.x"
push "dhcp-option DNS x.x.x.x"
client-to-client
keepalive 10 120
user nobody
group nogroup
persist-key
persist-tun
verb 3
mute 10
________________________
The configuration of client is "made" with network manager.
client
remote x.x.x.x
ca "/etc/openvpn/ca.crt"
cert "/etc/openvpn/hieracium.crt"
key "/etc/openvpn/hieracium.key"
comp-lzo yes
dev tun
proto udp
redirect-gateway
nobind
auth-nocache
script-security 2
persist-key
persist-tun
user nobody
group nobody
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
