From owner-freebsd-current@FreeBSD.ORG Thu Jul 30 20:11:26 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3D50C106566B; Thu, 30 Jul 2009 20:11:26 +0000 (UTC) (envelope-from qing.li@bluecoat.com) Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28]) by mx1.freebsd.org (Postfix) with ESMTP id 026068FC0C; Thu, 30 Jul 2009 20:11:25 +0000 (UTC) (envelope-from qing.li@bluecoat.com) Received: from bcs-mail03.internal.cacheflow.com ([10.2.2.95]) by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id n6UKBPc2006642; Thu, 30 Jul 2009 13:11:25 -0700 (PDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Thu, 30 Jul 2009 13:09:40 -0700 Message-ID: In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: recent change to ifconfig breaks OpenVPN? Thread-Index: AcoRNU94anw5Tb2FSISYElzlWKas2gAEnDEw References: <4A709126.5050102@elischer.org><3A1518B9-2C8C-4F05-9195-82C6017E4902@lassitu.de> From: "Li, Qing" To: "Stefan Bethke" , "Qing Li" , "Bjoern A. Zeeb" Cc: Matthias Andree , FreeBSD Current Subject: RE: recent change to ifconfig breaks OpenVPN? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2009 20:11:26 -0000 >=20 > I did at least have time to figure out the commit that changed it: > 195914 >=20 > > Author: qingli > > Date: Mon Jul 27 17:08:06 2009 > > New Revision: 195914 > > URL: http://svn.freebsd.org/changeset/base/195914 > > > > Log: > > This patch does the following: > > > > - Allow loopback route to be installed for address assigned to > > interface of IFF_POINTOPOINT type. > > - Install loopback route for an IPv4 interface addreess when the > > "useloopback" sysctl variable is enabled. Similarly, install > > loopback route for an IPv6 interface address when the sysctl > > variable > > "nd6_useloopback" is enabled. Deleting loopback routes for > > interface > > addresses is unconditional in case these sysctl variables were > > disabled after an interface address has been assigned. >=20 In 7.x and prior releases, the local-ip of the PPP links=20 (e.g. tun, gif, gre) is not reachable within that system. I don't=20 know if that really make sense.=20 The Host Requirements RFC-1122, Section 3.3.4 on Local Multihoming seems to suggest the local-ip of a PPP link is not irrelevant as was treated by=20 the implementation. In r195914, I added a loopback route for the local-ip of the local end of a PPP link to make the local-ip reachable within the system. Since a host route is installed for the remote end, the installation of the loopback route for the local-ip (that is the same IP as the remote end) fails. As Julian pointed out, the configuration from OpenVPN seems erroneous. At this point I don't believe there is anything I need to fix but comments are welcomed. >=20 > Setting net.link.ether.inet.useloopback=3D0 does not restore the > previous behavior. >=20 I also verified setting (useloopback=3D0) * does * restore to the previous=20 behavior. -- Qing