strange routing behavior starting with ocserv 0.12.0

sven plaga sven at plaga.de
Mon Sep 21 21:28:12 EDT 2020 

Hello Nikos,

>> Starting with ocserv 0.12.0: a user connects, and the route changes to
>> the following:
>>
>> Fritzbox       <-->  Backuphostsr
>> 192.168.7.1          192.168.7.13
>>                        Default Route: 192.168.7.13
> 
> I suspect that default route here is the peer address you see on the
> clients right? ocserv sets as its IP the first network address of the
> one assigned. With
> 192.168.7.32/27 you should have
> 192.168.7.33 (is 13 a typo?)

No typo: in 0.12.0 ocserv sets 192.168.7.13 as default route on the 
server (deleting the former 192.168.7.1 route). The ocserv server sets 
itself as default route when a client is connecting, which makes no 
sense at all. Additionally, of course, it sets the route to my client 
peer (192.168.7.33).

When the client is disconnecting, default route is restored to 
192.168.7.1 and route to the peer 192.168.7.33 is deleted.

Problem is: the default route setup destroys IPv4 connectivity of the 
ocserv server. This behavior is new in 0.12.0. I do not see it in 
0.11.12 (both versions self compiled).

> Most likely the behavior in 0.11.x is a bug, and it most likely
> accidental that it was working. If the first address in the network
> doesn't work as default route in your setup you may need to make the
> server ocserv runs on capable to route.

An ocserv server with a default route pointing to itself: that can not 
be correct behavior.

For debugging: Maybe you could give me some hint. Unfortunately, I was 
not able to find the point in the code where ocserv is altering the 
routes on the host where it is running. I would like to build a test 
version which is not touching my routes. Maybe this helps me to narrow 
down the problem. Maybe there is some other mechanism on the server 
touching the routes ...

I Thank you very much for your patience and help

  Sven



> 
> regards,
> Nikos
> 
> 
> 
>>
>> The host backuphostsr is assigned 192.168.7.13. Therefore the default
>> route points to the host itself. Changig the route notation does not
>> change anything. After the user disconnects, the correct default route
>> (192.168.7.1) is restored.
>>
>>
>> It is a strange behavior ...
>>
>> Regards
>>
>>     Sven
>>
>>
>>
>>
>>
>>>
>>> regards,
>>> Nikos
>>>
>>> _______________________________________________
>>> openconnect-devel mailing list
>>> openconnect-devel at lists.infradead.org
>>> http://lists.infradead.org/mailman/listinfo/openconnect-devel
>>>
>>
>>
>> _______________________________________________
>> openconnect-devel mailing list
>> openconnect-devel at lists.infradead.org
>> http://lists.infradead.org/mailman/listinfo/openconnect-devel

More information about the openconnect-devel mailing list