Am 11.01.14 01:12, schrieb Tore Anderson: > * Arne Schwabe > >> Listening on multiple sockets not yet implemented. But a server having >> proto udp6 should get IPv6 mapped IPv4 clients working. What is >> happening/not working for you? > "multihome" doesn't work, the OpenVPN server responds from its primary > IPv4 address (the one the OS selects as the default source for routing > towards the client), rather than the IPv4 address it was contacted on. > > So the initial two packets look like this: > > 01:07:47.896447 IP 84.209.244.191.38878 > 87.238.35.253.1194: UDP, length 14 > 01:07:47.897423 IP 87.238.35.145.1194 > 84.209.244.191.38878: UDP, length 26 > > The client (84.209.244.191) expects the response packet to come from the > address it contacted as --remote (87.238.35.253), but instead the server > responds from 87.238.35.145 which is its primary address. Doesn't work, > after some retransmissions and reconnect attempts the client gives up. > > The server logs the following: > > Jan 11 01:07:47 greed ovpn-server[10222]: ::ffff:84.209.244.191 TLS: Initial > packet from [AF_INET6]::ffff:84.209.244.191:38878 (via > 2a02:c0:1001:100::253%eth0), sid=98e4314f 9ea08578 > > I find the "via 2a02:c0:1001:100::253%eth0" part interesting, as that's > not even the primary IPv6 address of the interface. > > Yeah. We are probably out of luck at this point without implemting a socket for v4 and a socket for v6. If the operating system does not give us a valid incoming interface/ip combination, we cannot fix that later.
Arne
