Hi: Antonio Quartulli <a...@unstable.cc> > Unfortunately there will be no difference as this is an issue between > openvpn and ovpn-dco.
thanks a lot for hint! > Could you please re-run with --verb 6 ? That will include DCO specific > debug messages. root@OpenWrt:~# openvpn --verb 6 --tls-client --dev tun100 --data-ciphers CHACHA20-POLY1305 --ifconfig 172.31.22.2 172.31.22.1 --cert /tmp/client.crt --key /tmp/client.key --remote 172 .18.1.253 --peer-fingerprint 25:22:D9:1D:9C:2C:69:87:18:0F:E8:47:13:DB:E7:B6:BA:DD:97:69:55:A7:3E:F3:BE:6D:77:3D:F1:DB:E5:FE 2024-04-24 09:17:31 us=726383 Using certificate fingerprint to verify peer (no CA option set). 2024-04-24 09:17:31 us=752122 OpenVPN 2.6.10 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] [DCO] 2024-04-24 09:17:31 us=752473 library versions: OpenSSL 3.0.13 30 Jan 2024, LZO 2.10 2024-04-24 09:17:31 us=752939 DCO version: 2.0.0 2024-04-24 09:17:31 us=754034 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. 2024-04-24 09:17:31 us=788645 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ] 2024-04-24 09:17:31 us=790902 open_tun_dco: tun100 2024-04-24 09:17:31 us=791360 net_iface_new: add tun100 type ovpn-dco 2024-04-24 09:17:31 us=794826 sitnl_send: checking for received messages 2024-04-24 09:17:31 us=796406 sitnl_send: rtnl: received 36 bytes 2024-04-24 09:17:31 us=797153 ovpn_dco_register 2024-04-24 09:17:31 us=799385 DCO device tun100 opened 2024-04-24 09:17:31 us=799858 do_ifconfig, ipv4=1, ipv6=0 2024-04-24 09:17:31 us=800594 net_iface_mtu_set: mtu 1500 for tun100 2024-04-24 09:17:31 us=802344 sitnl_send: checking for received messages 2024-04-24 09:17:31 us=803142 sitnl_send: rtnl: received 36 bytes 2024-04-24 09:17:31 us=804036 net_iface_up: set tun100 up 2024-04-24 09:17:31 us=806973 sitnl_send: checking for received messages 2024-04-24 09:17:31 us=807721 sitnl_send: rtnl: received 36 bytes 2024-04-24 09:17:31 us=808248 net_addr_ptp_v4_add: 172.31.22.2 peer 172.31.22.1 dev tun100 2024-04-24 09:17:31 us=811166 sitnl_send: checking for received messages 2024-04-24 09:17:31 us=811684 sitnl_send: rtnl: received 36 bytes 2024-04-24 09:17:31 us=813063 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ] 2024-04-24 09:17:31 us=816255 TCP/UDP: Preserving recently used remote address: [AF_INET]172.18.1.253:1194 2024-04-24 09:17:31 us=816841 Socket Buffers: R=[180224->180224] S=[180224->180224] 2024-04-24 09:17:31 us=817705 UDPv4 link local (bound): [AF_INET][undef]:1194 2024-04-24 09:17:31 us=818804 UDPv4 link remote: [AF_INET]172.18.1.253:1194 2024-04-24 09:17:31 us=821731 UDPv4 WRITE [14] to [AF_INET]172.18.1.253:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0 2024-04-24 09:17:31 us=827654 UDPv4 READ [26] from [AF_INET]172.18.1.253:1194: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0 2024-04-24 09:17:31 us=828341 TLS: Initial packet from [AF_INET]172.18.1.253:1194, sid=178527d2 6c3a0923 2024-04-24 09:17:31 us=830603 UDPv4 WRITE [303] to [AF_INET]172.18.1.253:1194: P_CONTROL_V1 kid=0 [ 0 ] pid=1 DATA len=277 2024-04-24 09:17:31 us=839202 UDPv4 READ [1222] from [AF_INET]172.18.1.253:1194: P_CONTROL_V1 kid=0 [ 1 0 ] pid=1 DATA len=1192 2024-04-24 09:17:31 us=855329 VERIFY OK: depth=0, CN=server 2024-04-24 09:17:31 us=857536 VERIFY OK: depth=0, CN=server 2024-04-24 09:17:31 us=858751 UDPv4 WRITE [26] to [AF_INET]172.18.1.253:1194: P_ACK_V1 kid=0 [ 1 0 ] DATA len=0 2024-04-24 09:17:31 us=859718 UDPv4 READ [242] from [AF_INET]172.18.1.253:1194: P_CONTROL_V1 kid=0 [ 1 0 ] pid=2 DATA len=212 2024-04-24 09:17:31 us=983136 UDPv4 WRITE [1222] to [AF_INET]172.18.1.253:1194: P_CONTROL_V1 kid=0 [ 2 1 0 ] pid=2 DATA len=1188 2024-04-24 09:17:31 us=983969 UDPv4 WRITE [362] to [AF_INET]172.18.1.253:1194: P_CONTROL_V1 kid=0 [ 2 1 0 ] pid=3 DATA len=328 2024-04-24 09:17:31 us=987162 UDPv4 READ [192] from [AF_INET]172.18.1.253:1194: P_CONTROL_V1 kid=0 [ 2 1 0 ] pid=3 DATA len=158 2024-04-24 09:17:31 us=990422 UDPv4 WRITE [34] to [AF_INET]172.18.1.253:1194: P_ACK_V1 kid=0 [ 3 2 1 0 ] DATA len=0 2024-04-24 09:17:31 us=991502 UDPv4 READ [328] from [AF_INET]172.18.1.253:1194: P_CONTROL_V1 kid=0 [ 3 2 1 0 ] pid=4 DATA len=290 2024-04-24 09:17:31 us=992534 peer info: IV_CIPHERS=CHACHA20-POLY1305 2024-04-24 09:17:31 us=993005 peer info: IV_PROTO=746 2024-04-24 09:17:31 us=994192 P2P mode NCP negotiation result: TLS_export=1, DATA_v2=1, peer-id 3578645, cipher=CHACHA20-POLY1305 2024-04-24 09:17:31 us=994895 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519 2024-04-24 09:17:31 us=995420 [server] Peer Connection Initiated with [AF_INET]172.18.1.253:1194 2024-04-24 09:17:31 us=996425 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1 2024-04-24 09:17:31 us=997562 TLS: tls_multi_process: initial untrusted session promoted to trusted 2024-04-24 09:17:31 us=998158 UDPv4 WRITE [38] to [AF_INET]172.18.1.253:1194: P_ACK_V1 kid=0 [ 4 3 2 1 0 ] DATA len=0 2024-04-24 09:17:33 us=54287 dco_new_peer: peer-id 3578645, fd 4, remote addr: [AF_INET]172.18.1.253:1194 2024-04-24 09:17:33 us=55885 Data Channel MTU parms [ mss_fix:1400 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ] 2024-04-24 09:17:33 us=57423 Outgoing dynamic tls-crypt: Cipher 'AES-256-CTR' initialized with 256 bit key 2024-04-24 09:17:33 us=58152 Outgoing dynamic tls-crypt: Using 256 bit message hash 'SHA256' for HMAC authentication 2024-04-24 09:17:33 us=58706 Incoming dynamic tls-crypt: Cipher 'AES-256-CTR' initialized with 256 bit key 2024-04-24 09:17:33 us=59422 Incoming dynamic tls-crypt: Using 256 bit message hash 'SHA256' for HMAC authentication 2024-04-24 09:17:33 us=60909 dco_install_key: peer_id=3578645 keyid=0, currently 0 keys installed 2024-04-24 09:17:33 us=61355 dco_new_key: slot 0, key-id 0, peer-id 3578645, cipher CHACHA20-POLY1305 2024-04-24 09:17:33 us=121719 dco_new_key: netlink reports object not found, ovpn-dco unloaded? 2024-04-24 09:17:33 us=122277 dco_new_key: failed to send netlink message: No such file or directory (-2) 2024-04-24 09:17:33 us=122760 Impossible to install key material in DCO: No such file or directory 2024-04-24 09:17:33 us=123167 Exiting due to fatal error 2024-04-24 09:17:33 us=123787 Closing DCO interface 2024-04-24 09:17:33 us=124293 net_addr_ptp_v4_del: 172.31.22.2 dev tun100 2024-04-24 09:17:33 us=126018 sitnl_send: checking for received messages 2024-04-24 09:17:33 us=126719 sitnl_send: rtnl: received 36 bytes 2024-04-24 09:17:33 us=127366 close_tun_dco 2024-04-24 09:17:33 us=128041 net_iface_del: delete tun100 2024-04-24 09:17:33 us=312252 sitnl_send: checking for received messages 2024-04-24 09:17:33 us=312848 sitnl_send: rtnl: received 36 bytes _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
