Am 30.07.2009 um 10:47 schrieb Stefan Bethke:
I'm leaving off freebsd-current, since I believe the problem is in OpenVPN's tun.c, as pointed out by Matthias below.Some background on my issue: FreeBSD 8.0-beta2 has apparently introduced a change where the previously working ifconfig invocation is now failing. I'm leaving out the discussion on what exactly that change is and if this effect is desired or not, but concentrate on what OpenVPN is trying to do. We're strictly talking --topology subnet here. tap's are not affected. I haven't tested any other topology. As can be seen in the commit below, ifconfig is invoked with both the local and the remote IP address set to the server-assigned local address. If this code could be changed to call ifconfig with the local address and the server's VPN address (I believe generally .1) things should be fine. (Also on earlier versions of FreeBSD.) It might be necessary to install an explicit route for the subnet, sinceFreeBSD will only install a host route for the remote end of the point-to-point link. Please note that FreeBSD's tun interface is always inpoint-to-point mode, and cannot be configured as a broadcast interface.
Luckily, FreeBSD's tun can be switched from point-to-point mode to broadcast. The attached patch does this. I've tested this successfully on FreeBSD 7-stable and 8-beta2, with server and client in --topology subnet and net30 modes.
Stefan
patch-tun.c
Description: Binary data
-- Stefan Bethke <s...@lassitu.de> Fon +49 151 14070811
