Page 1 of 1

mDNS over tap tunnel not working in 1.7.8 betas

Posted: Wed Mar 07, 2018 8:03 am
by ikappas
I am connecting to our office pfsense via a tap tunnel where we have Avahi installed. mDNS was working before updating to the 1.7.8 betas were I no longer see other computers on my finder when I connect to our VPN.

Other than this issue, the connection is working properly and I am able to access remote resources.

Here is my connection log:
2018-03-06 22:19:36: Viscosity Mac 1.7.8b3 (1434)
2018-03-06 22:19:36: Viscosity OpenVPN Engine Started
2018-03-06 22:19:36: Running on macOS 10.13.3
2018-03-06 22:19:36: ---------
2018-03-06 22:19:36: State changed to Connecting
2018-03-06 22:19:36: Checking reachability status of connection...
2018-03-06 22:19:36: Connection is reachable. Starting connection attempt.
2018-03-06 22:19:38: OpenVPN 2.4.5 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Mar 3 2018
2018-03-06 22:19:38: library versions: OpenSSL 1.0.2n 7 Dec 2017, LZO 2.10
2018-03-06 22:19:39: TCP/UDP: Preserving recently used remote address: [AF_INET]XXX.XXX.XXX.XXX:1195
2018-03-06 22:19:39: UDP link local (bound): [AF_INET][undef]:0
2018-03-06 22:19:39: UDP link remote: [AF_INET]XXX.XXX.XXX.XXX:1195
2018-03-06 22:19:39: State changed to Authenticating
2018-03-06 22:19:39: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2018-03-06 22:19:39: [hostname] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:1195
2018-03-06 22:19:40: TUN/TAP device vtap0 opened
2018-03-06 22:19:40: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
2018-03-06 22:19:40: /sbin/ifconfig vtap0 delete
2018-03-06 22:19:40: DHCP enabled on tap interface vtap0
2018-03-06 22:19:41: NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2018-03-06 22:19:41: /sbin/ifconfig vtap0 10.0.1.2 netmask 255.255.255.0 mtu 1500 up
2018-03-06 22:19:41: Initialization Sequence Completed
2018-03-06 22:19:41: Disabling DHCP on interface vtap0 (not required)
2018-03-06 22:19:42: DNS mode set to Split
2018-03-06 22:19:42: State changed to Connected

Thank you

Re: mDNS over tap tunnel not working in 1.7.8 betas

Posted: Wed Mar 07, 2018 12:25 pm
by James
Hi ikappas,

I'm afraid we're not seeing any mDNS/Bonjour resolution issues when testing. Try pinging the machine/s using their .local name, which uses mDNS for resolution, and see if they resolve. E.g."ping MachineName.local".

Cheers,
James

Re: mDNS over tap tunnel not working in 1.7.8 betas

Posted: Wed Mar 14, 2018 3:48 am
by ikappas
Hi James,

When I ping MachineName.local I get:

cannot resolve MachineName.local: Unknown host

When I ping MachineName.domain.tld It works properly.

Is there some specific setting that I need to check why the host does not resolve?

Thanks

PS: I use viscosity on a mac book pro over wifi.

Re: mDNS over tap tunnel not working in 1.7.8 betas

Posted: Wed Mar 14, 2018 6:48 am
by James
Hi ikappas,

It certinally sounds like mDNS is not functioning then, however as it's handled entirely by macOS, there aren't any settings in Viscosity or OpenVPN related to its use. Our testing uses standard macOS machines on both ends of the network for discovery: I'm afraid we have no experience with Avahi.

I'd recommend checking whether it's just a coincidence that it stopped working for you around the time you updated to a 1.7.8 beta: try downgrading to version 1.7.7 and see if the issue persists. There have been no changes in Viscosity that would interfere with multicast networking, and I'm not aware of any OpenVPN 2.4.5 changes that should affect it either.

Otherwise I'd recommend the standard troubleshooting steps: check that no firewall or security software could be blocking the multicast requests, check that the server setup is correct, check that the network bridge on the server isn't dropping any packets, etc.

Cheers,
James