Hi, On Thu, May 12, 2022 at 11:23:49AM +0200, Frank Doepper wrote: > Maybe the way openvpn handles it's socket triggers a weird kernel > behaviour here, because the master interface (eth) and the enslaved > macvtap (vrrp) have different IPs on the same subnet and the interface > route on that macvtap device is active and inactive at the same time, > somehow?
Basically, OpenVPN does "nothing special" which should ever influence
ARP resolution.
But...
OpenVPN is using a single IPv6-socket set to "dual-stack mode", so
we send IPv4 packets in the v4-mapped format via the v6 socket.
This has triggered bugs in the kernel before (like, "--multihome" not
working in this case) because these code paths are not as well excercised,
thus not so well tested. And sometimes code had just not been written
yet for this special case.
If I had time to do testing, I'd test this with an openvpn instance
bound to IPv4-only ("proto udp4"), and alternatively by turning on
--multihome - both change the way we talk to the socket interface
(IPv4-only socket, and using ancilliary data to the set source IP).
Under normal conditions, neither should make any difference, but if
this triggers a kernel bug, it might...
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
