[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: topology does work on mac osx with a manual work arround (was Re: [Openvpn-users] topology subnet 2.1beta7 mac osx - ifconfig: ioctl (SIOCAIFADDR): Destination address required

  • Subject: Re: topology does work on mac osx with a manual work arround (was Re: [Openvpn-users] topology subnet 2.1beta7 mac osx - ifconfig: ioctl (SIOCAIFADDR): Destination address required
  • From: James Yonan <jim@xxxxxxxxx>
  • Date: Thu, 1 Dec 2005 03:24:01 -0700 (MST)

On Wed, 30 Nov 2005, Mathias Sundman wrote:

> On Wed, 30 Nov 2005, Mathias Sundman wrote:
> 
> > On Wed, 30 Nov 2005, Jon Bendtsen wrote:
> >
> >> Sundman from #openvpn had some suggestions and they appears to be working.
> >> i had to remove the pull/client statement from the client.conf and run this 
> >> manually
> >> 	sudo ifconfig tun0 192.168.123.253/24 192.168.123.253
> >> 	sudo route add -net 192.168.123.0 192.168.123.253 255.255.255.0
> >> 
> >> It does work.
> >> I can ping, and if i add a route to the network beyond the VPN network i 
> >> can
> >> ping and surf on those hosts as well
> >> 	sudo route add -net 192.168.119.0 192.168.123.34 255.255.255.0
> >> 
> >> So topology does work on mac OSX.
> >
> > Alright Jon, try this patch and see if it helps...
> >
> > It tries to use the following syntax for --dev tun --topology subnet on mac 
> > OSX:
> >
> > ifconfig tun0 192.168.123.253 192.168.123.253 netmask 255.255.255.0 mtu xxx 
> > up
> >
> > instead of previous
> > ifconfig tun0 192.168.123.253 netmask 255.255.255.0 mtu xxx up
> > that didn't work...
> 
> My last patch had a typo, attached is a working one. Jon has verified that 
> the patch does work on macOSX.
> 
> The tun interface now gets its IP and mask set, but to reach the whole 
> subnet assigned to the tun interface he still had to add a route as above:
> 
> route add -net 192.168.123.0 192.168.123.253 255.255.255.0
> 
> So, the question is, should we make OpenVPN always add a network route for 
> the "local network" assigned to the tun interface when in --dev tun, 
> --topology subnet mode on macOSX, or is it up to the user to push such a 
> route?
> 
> How does other OSs work? If we push such a route, we don't want to break 
> other OSs...

No, I don't think we should universally push a route, since that will 
break platforms which don't need the extra route in the first place (like 
Linux or Windows).

I think it would be better if the OpenVPN client generates the "route add"  
by itself, on platforms where the tun/tap driver can't accept a netmask in
tun mode.

James


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users