Hi,
I have a strange problem using OpenVPN 2 beta 11 with my linux box and
kernel 2.6.8.1-mm4.
Let me explain the senario and the problem...
SCENARIO:
There are 2 PC, 1 OpenVPN server and 1 OpenVPN client.
The server has 2 NICs, the ETH0 has an IP address and it is the way how to
reach the OpenVPN server and The IP address whare the OpenVPN process is
listening.
The ETH1 is without IP configured. It has only layer 2 address.
I configured a Bridge BR0 with 2 interface the ETH1 and the TAP0
interface.
The OpenVPN process "read" and "write" on the ETH1 and TAP0 interface.
This system let me to have a real layer2 link encapsulated and encrypted in a
TCP or UDP tunnel.
THE PROBLEM:
I have 2 clients, one MACOSX and one Linux, to connect to the OpenVPN
server.
- Using the OSX client
When I connect to the server and I perform a tcpdump on
the TAP0 interface I can see all the Broadcast Traffic of the LAN where
the OpenVPN Server's eth1 is located.
All is working fine, I can get my IPv4 and IPv6 address.
- Using the Linux client
When I connect to the server and I perform a tcpdump
on
the TAP0 interface I can see lots of traffic, the same number of packets
I can see with MACOSX client but it is a strange traffic because I see only traffic
like this:
Ethernet II frames with the TYPE field Unknown (0x4500) as you can
see in the packet below:
The frams are decode with Ethereal 10.4
No. Time Source Destination Protocol Info
1 0.000000 80:78:14:00:08:00 5e:00:00:02:00:04 0x4500 Ethernet II
Frame 1 (60 bytes on wire, 60 bytes captured)
Arrival Time: Oct 16, 2004 10:18:39.962765000
Time delta from previous packet: 0.000000000 seconds
Time since reference or first frame: 0.000000000 seconds
Frame Number: 1
Packet Length: 60 bytes
Capture Length: 60 bytes
Ethernet II, Src: 80:78:14:00:08:00, Dst: 5e:00:00:02:00:04
Destination: 5e:00:00:02:00:04 (5e:00:00:02:00:04)
Source: 80:78:14:00:08:00 (80:78:14:00:08:00)
Type: Unknown (0x4500)
Data (46 bytes)
0000 5e 00 00 02 00 04 80 78 14 00 08 00 45 00 00 30 ^......x....E..0
0010 c1 ef 40 00 ff 11 f8 a0 92 30 4e f9 e0 00 00 02 ..@......0N.....
0020 22 b8 22 b8 00 1c f9 19 21 4e 69 01 00 01 95 7d ".".....!Ni....}
0030 92 30 4e 01 00 00 00 00 00 00 00 00 .0N.........
There are also more Ethernet II frames with the TYPE Unknown as I listed below:
Ethernet II frames but with the TYPE field Unknown (0xfefe)
Ethernet II frames but with the TYPE field Unknown (0xffff)
Ethernet II frames but with the TYPE field Unknown (0xe0e0)
Ethernet II frames but with the TYPE field Unknown (0xaaaa)
Ethernet II frames but with the TYPE field Unknown (0x7600)
Another frame type I cans see is the IEEE 802.3 frames.
The LLC fields in the IEEE 802.3 frames are (Malformed Packets) as you can see in
the packets below.
When I say (Malformed Packets) I meen that Ethereal decode the frame in
this way:
No. Time Source Destination Protocol Info
3 0.000056 52:f7:55:41:08:06 ff:ff:ff:ff:02:e0 LLC [Malformed Packet]
Frame 3 (58 bytes on wire, 58 bytes captured)
Arrival Time: Oct 16, 2004 10:18:39.962821000
Time delta from previous packet: 0.000026000 seconds
Time since reference or first frame: 0.000056000 seconds
Frame Number: 3
Packet Length: 58 bytes
Capture Length: 58 bytes
IEEE 802.3 Ethernet
Destination: ff:ff:ff:ff:02:e0 (ff:ff:ff:ff:02:e0)
Source: 52:f7:55:41:08:06 (52:f7:55:41:08:06)
Length: 1
Trailer: 000604000102E052F755419230410100...
Logical-Link Control
DSAP: SNA (0x08)
IG Bit: Individual
[Malformed Packet: LLC]
0000 ff ff ff ff 02 e0 52 f7 55 41 08 06 00 01 08 00 ......R.UA......
0010 06 04 00 01 02 e0 52 f7 55 41 92 30 41 01 00 00 ......R.UA.0A...
0020 00 00 00 00 92 30 41 01 00 00 00 00 00 00 00 00 .....0A.........
0030 00 00 00 00 00 00 00 00 00 00 ..........
I'm sure I have some problems on my Linux TCP/IP stack, but I can not
understand where! I suppose the 802.2 and 802.3..
Is this problem related to the LLC support enabled in the kernel?
Do you have any ideas?
Bye
Lorenzo
LinuxUser: 71680 OpenPGP-> KeyID: 0x25B9E15E
===================================================
Fingerprint:
BF76 8EC9 A14D 2CD4 195F 9E7D 6834 A8AE 25B9 E15E
---------------------------------------------------
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
