On 2014-10-20, Nicolas Haller <[email protected]> wrote: > So, where are the OpenBSD HELLO packets? I don't know. A tcpdump on the > FreeBSD's tun interface shows nothing is received. A tcpdump on the > OpenBSD tun interface shows the packet seems to be sent. > Using ktrace/kdump on the OpenVPN daemon on the OpenBSD server, it seems > the daemon does nothing to send the HELLO packet, like it's not aware it > has to send these packets.
Don't rule out bugs in the OpenVPN port on OpenBSD. Despite user requests for version updates and tweaks to the port there has been an almost complete lack of feedback when updates have been sent out for testing, so it's possible problems may have crept in, especially in less frequently used areas. I'm not sure how to remove OpenVPN from the equation whilst still using tun to test things (ssh has tun-forwarding, but it doesn't set the multicast flag on the interface, and might not handle multicast at all even if you did force the flag e.g. by running OpenVPN on the interface first to set IFF_MULTICAST). I'd probably start by bumping up verbosity in OpenVPN config and try and track things down from that side.. > I did the test with pf disabled on both server. I tried to remove the > 224/4 and ::224.0.0.0/100 routes from the OpenBSD routing table. btw, the standard method for this is "multicast_host=YES" in rc.conf.local.
