SparkLabs Forum.

Community Help.


bug report: network loop with ipv6 endpoint

When connecting to upd6 endpoint in tun mode, e.g.

Code: Select all

dev tun
remote example.vpn.com 1194 udp6
tls-client


Immediately upon connection, the VPN connection bandwidth saturate the networking capacity, i.e. 100mbps in my case.

With ipv4 udp endpoint, this problem doesn't happen.
With ipv4 endpoint, a specific route is always added by openvpn, to avoid "VPN nasty network loops". If xxx.yyy.zzz.ttt is your ipv4 VPN endpoint:

Code: Select all

netstat -nr
Routing tables
Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
0/1                192.168.10.5        UGSc          118        0   utun1
xxx.yyy.zzz.ttt/32    9.12.143.1       UGSc            1        0     en0


This is NOT done by openvpn / viscosity for ipv6 VPN endpoints.
As a result, a VPN network loop happens right upon connection, which saturates the client network connection.
Hi Strangelovian,

The /32 route is created as part of the "redirect-gateway" command. In the case of IPv6 if "redirect-gateway ipv6" is being pushed then it should be doing the same for a IPv6 /128 route. However if the IPv6 route/s are being set manually instead of through the use of "redirect-gateway ipv6" then the /128 won't be created. This is often the case to maintain backwards compatibility with older versions of OpenVPN - the workaround is to push the /128 manually with the gateway set to "net_gateway".

If you're still stuck please don't hesitate to get in touch with a copy of your server and client configuration files and we'll take a closer look.

Cheers,
James
2 posts Page 1 of 1

Copyright © 2016 SparkLabs Pty Ltd. All Rights Reserved. Privacy Policy