Hello Nikos,
Starting with ocserv 0.12.0: a user connects, and the route changes to
the following:
Fritzbox <--> Backuphostsr
192.168.7.1 192.168.7.13
Default Route: 192.168.7.13
I suspect that default route here is the peer address you see on the
clients right? ocserv sets as its IP the first network address of the
one assigned. With
192.168.7.32/27 you should have
192.168.7.33 (is 13 a typo?)
No typo: in 0.12.0 ocserv sets 192.168.7.13 as default route on the
server (deleting the former 192.168.7.1 route). The ocserv server sets
itself as default route when a client is connecting, which makes no
sense at all. Additionally, of course, it sets the route to my client
peer (192.168.7.33).
When the client is disconnecting, default route is restored to
192.168.7.1 and route to the peer 192.168.7.33 is deleted.
Problem is: the default route setup destroys IPv4 connectivity of the
ocserv server. This behavior is new in 0.12.0. I do not see it in
0.11.12 (both versions self compiled).
Most likely the behavior in 0.11.x is a bug, and it most likely
accidental that it was working. If the first address in the network
doesn't work as default route in your setup you may need to make the
server ocserv runs on capable to route.
An ocserv server with a default route pointing to itself: that can not
be correct behavior.
For debugging: Maybe you could give me some hint. Unfortunately, I was
not able to find the point in the code where ocserv is altering the
routes on the host where it is running. I would like to build a test
version which is not touching my routes. Maybe this helps me to narrow
down the problem. Maybe there is some other mechanism on the server
touching the routes ...
I Thank you very much for your patience and help
Sven
regards,
Nikos
The host backuphostsr is assigned 192.168.7.13. Therefore the default
route points to the host itself. Changig the route notation does not
change anything. After the user disconnects, the correct default route
(192.168.7.1) is restored.
It is a strange behavior ...
Regards
Sven
regards,
Nikos
_______________________________________________
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel
_______________________________________________
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel
_______________________________________________
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel
