Re: [Openvpn-users] "redirect-gateway def1 bypass-dhcp" / Options error: in --iroute: Bad network/subnet specification

Mon, 29 Dec 2014 06:22:06 -0800 

Hi,

On 29/12/14 13:25, Erich Titl wrote:
> Hi MIchael
>
> Am 29.12.2014 um 12:05 schrieb mich...@haleyweb.com:
>> root@interconit:~# tcpdump -i tun0
>> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
>> listening on tun0, link-type RAW (Raw IP), capture size 65535 bytes
>> 02:40:34.605131 IP 10.8.0.6.28196 > 74.207.241.5.domain: 53216+ A?
>> google.com. (28)
>> 02:40:34.605177 IP 10.8.0.6.28196 > 74.207.242.5.domain: 53216+ A?
>> google.com. (28)
>> 02:40:35.607297 IP 10.8.0.6.6962 > 74.207.241.5.domain: 62681+ PTR?
>> 5.241.207.74.in-addr.arpa. (43)
>> 02:40:35.607339 IP 10.8.0.6.6962 > 74.207.242.5.domain: 62681+ PTR?
>> 5.241.207.74.in-addr.arpa. (43)
>> 02:40:39.610630 IP 10.8.0.6.28196 > 74.207.241.5.domain: 53216+ A?
>> google.com. (28)
> I am assuming that this is the server side. If this is true, then your
> OpenVPN connection appears to work.
>
> The system on 10.8.0.6 tries to resolve google.com using 74.207.241.5 as
> the DNS server. Does the server on 74.207.241.5 know how to route the
> answers back to 10.8.0.6, if not, do you NAT this somewhere?
>
>> root@interconit:~# ip addr
>> ...
>> 44: tun1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc
>> pfifo_fast state UNKNOWN group default qlen 100
>>      link/none
>>      inet 10.8.0.6 peer 10.8.0.5/32 scope global tun1
>>         valid_lft forever preferred_lft forever
>>
>> root@interconit:~# route
>> Kernel IP routing table
>> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
>> default         10.8.0.5        128.0.0.0       UG    0      0        0 tun1
>> default         173.255.210.1   0.0.0.0         UG    0      0        0 eth0
>> 10.8.0.0        10.8.0.2        255.255.255.0   UG    0      0        0 tun0
>> 10.8.0.1        10.8.0.5        255.255.255.255 UGH   0      0        0 tun1
>> 10.8.0.2        *               255.255.255.255 UH    0      0        0 tun0
>> 10.8.0.5        *               255.255.255.255 UH    0      0        0 tun1
>> 117.150.0.0     173.255.210.1   255.255.0.0     UG    0      0        0 eth0
>> 128.0.0.0       10.8.0.5        128.0.0.0       UG    0      0        0 tun1
>> 173.255.0.0     *               255.255.0.0     U     0      0        0 eth0
>> 173.255.210.130 173.255.210.1   255.255.255.255 UGH   0      0        0 eth0
>> 183.93.0.0      173.255.210.1   255.255.0.0     UG    0      0        0 eth0
>>
>> So, when I ping from my OpenVPN to any domain/IP on the Internet, it just
>> hangs.
>>
>> Suggestions?

I did not see the original post but your route output looks quite odd: 
there are two tun devices, tun0 and tun1; 10.8.0.2 is routed via tun0 , 
but 10.8.0.6 and 10.8.0.1 are routed via tun1 ?!?!?
Check your setup if this is really what you intend - if you are using 
two openvpn setups simultaneously then use different subnets.

JM2CW,

JJK


------------------------------------------------------------------------------
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to