Hi, Digging a little deeper into the subject, I realize that what I described above is not enough. My L2TP/IPSEC tunnel comes to Tor next. This seems to be the problem part. The goal is for me to connect to Always-on VPN through Tor.
My torrc contains : VirtualAddrNetwork 10.192.0.0/10 AutomapHostsOnResolve 1 TransPort 127.0.0.1:9040 DNSPort 127.0.0.1:1053 TransProxyType pf-divert I have 2 lines in my pf.conf for this: pass in on pppac0 proto tcp from any to any divert-to 127.0.0.1 port 9040 keep state (if-bound) pass in on pppac0 proto udp from any to any port 53 rdr-to 127.0.0.1 port 1053 keep state (if-bound) When I comment on them, the IPSEC connection and L2TP tunneling is fine. So it's not necessarily the NPPPD part alone that is malfunctioning. This type of configuration has been working for me for several years and has started malfunctioning recently. I can't say why. Cheers, -- Olivier On Tue, Feb 25, 2020 at 6:43 PM Olivier Antoine <[email protected]> wrote: > > Hi, > > forgot to send the dmesg… > > Klemens Nanni describes the same symptoms in this bug report > https://marc.info/?l=openbsd-bugs&m=158263928732619 > > for my part, the machine is fine as long as I don't connect my phone > to the VPN L2TP/IPSEC > > Cheers, > > > > > > On Mon, Feb 24, 2020 at 9:10 PM Olivier Antoine > <[email protected]> wrote: > > > > Hi, > > > > Trying to connect my Android VPN to L2TP/NPPPD OpenBSD lead to a kernel > > panic. > > > > I use this snapshot : > > ---- > > kern.version=OpenBSD 6.6-current (GENERIC.MP) #2: Mon Feb 24 00:02:18 MST > > 2020 > > [email protected]:/usr/src/sys/arch/i386/compile/GENERIC.MP > > ---- > > > > My L2TP conf is : > > ---- > > authentication LOCAL type local { > > users-file "/etc/npppd/npppd-users" > > } > > > > tunnel L2TP protocol l2tp { > > listen on 0.0.0.0 > > pipex yes > > lcp-keepalive yes > > lcp-keepalive-interval 60 > > } > > > > ipcp IPCP { > > pool-address 10.0.0.2-10.0.0.14 > > dns-servers 8.8.8.8 > > } > > > > # use tun(4) interface. multiple ppp sessions concentrate one interface. > > interface pppac0 address 10.0.0.1 ipcp IPCP > > bind tunnel from L2TP authenticated by LOCAL to pppac0 > > ---- > > > > dmesg after warm reboot show : > > ---- > > pipex: ppp=0 iface=pppac0 protocol=L2TP id=1532 PIPEX is ready. > > panic: pool_cache_item_magic_check: mbufpl cpu free list modified: > > item addr 0xd3c7a100+8 0x14001600!=0xe6394646 > > Stopped at db_enter+0x4: popl %ebp > > TID PID UID PRFLAGS PFLAGS CPU COMMAND > > 452832 39863 0 0x2 0x4000000 1 ld > > *401050 85883 82 0x10 0 0K npppd > > db_enter() at db_enter+0x4 > > panic(d0b6f7bc) at panic+0xcc > > pool_cache_get(d0e997a8) at pool_cache_get+0x1ec > > pool_get(d0e997a8,1) at pool_get+0x4f > > m_getclr(1,3) at m_getclr+0x21 > > sys_getsockname(d33445f8,f5cc7650,f5cc7648) at sys_getsockname+0xb4 > > syscall(f5cc7690) at syscall+0x2df > > Xsyscall_untramp() at Xsyscall_untramp+0xa9 > > end of kernel > > ---- > > > > Last known snap working with the same conf : > > ---- > > OpenBSD 6.6-current (GENERIC.MP) #514: Sat Jan 25 02:23:56 MST 2020 > > [email protected]:/usr/src/sys/arch/i386/compile/GENERIC.MP > > ---- > > > > Cheers, > > > > -- > > Olivier
