Re: [Openvpn-users] Correct way to handle routing when on home network?

Mon, 26 Sep 2022 04:52:42 -0700 

On 26/09/2022 07:53, Jan Just Keijser wrote:

On 23/09/22 23:22, Sebastian Arcus wrote:

On 23/09/2022 22:16, Sebastian Arcus wrote:

[...]
I an update on progress, but to be honest I can't really make sense of what it means. Both the server and the client had 'fragment 1300' in the configs - which I didn't include in my post as I assumed the problem can't have anything to do with MTU's - since traffic through the vpn tunnel was working. Through trial and error I discovered that commenting out 'fragment 1300' on the client, all of a sudden all the smb traffic starts flowing through the lan. I tested several times, enabled and disabled 'fragment 1300', and restarted the computer to be sure - and so far it really seems like it was the culprit. But frankly that doesn't make any sort of sense to me. I'm going back at the end of next week to this site to re-run the tests again and again to be sure - because I can't make sense of why 'fragment 1300' would have been causing smb traffic to be routed through the tunnel. If anyone has any ideas, they are very welcome? 


Actually, testing things remotely again, I can answer this particular 
question myself. Having 'fragment 1300' only on the server effectively 
breaks the tunnel - which I didn't realise when I was on site. That is 
why it seemed to fix things - as with a disconnected tunnel, it forced 
traffic through the lan. I will have to go back there next week and 
look again at things using netstat, as per Selva's suggestion





ah, that makes sense, that removing it on one side breaks the tunnel. 
Things to try next:



- increase verbosity on the samba server and check the logs when the 
client connects; not sure if the IP address will be logged, but it might 
give you a hint



- on the windows client, how are accessing the drive ?  using IP? using 
DNS name? using Netbios name?



- also, things you can test on the Windows 10 client in a 
Command/Console window:


   nbtstat -c
   nbtstat -n
   nbtstat -A 192.168.112.1   ## the samba server IP
   nbtstat -a  Sambaserver    ## the samba server Name


both with the VPN up and down - if the Sambaserver names resolves to a 
.114 address when the VPN is up, then you've found your problem.



Thank you for the extra suggestions. Please find below the output of the 
nbtstat commands, with the vpn up and a large slow file transfer in 
progress, just to be sure the fault was still present at the time. As 
far as I can tell from the output, the server name always resolves to 
the correct IP.



I am accessing the share through a mapped drive, which uses the server 
name. Also, as per my other email this morning, the output of netstat 
during a slow file transfer confirms that the vpn/samba server is being 
accessed by its internal IP address - so it doesn't seem to be a name 
resolution issue.



# nbtstat -c

OpenVPN Wintun:
Node IpAddress: [192.168.114.10] Scope Id: []

                  NetBIOS Remote Cache Name Table

        Name              Type       Host Address    Life [sec]
    ------------------------------------------------------------
    STAPELY-SERVER <00>  UNIQUE          192.168.112.1       484

OpenVPN TAP-Windows6:
Node IpAddress: [0.0.0.0] Scope Id: []

    No names in cache

Ethernet:
Node IpAddress: [192.168.112.53] Scope Id: []

                  NetBIOS Remote Cache Name Table

        Name              Type       Host Address    Life [sec]
    ------------------------------------------------------------
    STAPELY-SERVER <20>  UNIQUE          192.168.112.1       446
    __SAMBA__      <20>  UNIQUE          192.168.112.1       446


# nbtstat -n

OpenVPN Wintun:
Node IpAddress: [192.168.114.10] Scope Id: []

                NetBIOS Local Name Table

       Name               Type         Status
    ---------------------------------------------
    WKS-03-STAPELY <00>  UNIQUE      Registered
    STAPELYCARE    <00>  GROUP       Registered
    WKS-03-STAPELY <20>  UNIQUE      Registered

OpenVPN TAP-Windows6:
Node IpAddress: [0.0.0.0] Scope Id: []

    No names in cache

Ethernet:
Node IpAddress: [192.168.112.53] Scope Id: []

                NetBIOS Local Name Table

       Name               Type         Status
    ---------------------------------------------
    WKS-03-STAPELY <00>  UNIQUE      Registered
    STAPELYCARE    <00>  GROUP       Registered
    WKS-03-STAPELY <20>  UNIQUE      Registered


# nbtstat -A 192.168.112.1

OpenVPN Wintun:
Node IpAddress: [192.168.114.10] Scope Id: []

           NetBIOS Remote Machine Name Table

       Name               Type         Status
    ---------------------------------------------
    STAPELY-SERVER <00>  UNIQUE      Registered
    STAPELY-SERVER <03>  UNIQUE      Registered
    STAPELY-SERVER <20>  UNIQUE      Registered
    STAPELYCARE    <1B>  UNIQUE      Registered
    STAPELYCARE    <1C>  GROUP       Registered
    STAPELYCARE    <00>  GROUP       Registered
    __SAMBA__      <00>  GROUP       Registered
    __SAMBA__      <20>  GROUP       Registered

    MAC Address = F0-97-AA-4B-2A-7F


OpenVPN TAP-Windows6:
Node IpAddress: [0.0.0.0] Scope Id: []

    Host not found.

Ethernet:
Node IpAddress: [192.168.112.53] Scope Id: []

           NetBIOS Remote Machine Name Table

       Name               Type         Status
    ---------------------------------------------
    STAPELY-SERVER <00>  UNIQUE      Registered
    STAPELY-SERVER <03>  UNIQUE      Registered
    STAPELY-SERVER <20>  UNIQUE      Registered
    STAPELYCARE    <1B>  UNIQUE      Registered
    STAPELYCARE    <1C>  GROUP       Registered
    STAPELYCARE    <00>  GROUP       Registered
    __SAMBA__      <00>  GROUP       Registered
    __SAMBA__      <20>  GROUP       Registered

    MAC Address = F0-97-AA-4B-2A-7F

# nbtstat -a stapely-server

OpenVPN Wintun:
Node IpAddress: [192.168.114.10] Scope Id: []

           NetBIOS Remote Machine Name Table

       Name               Type         Status
    ---------------------------------------------
    STAPELY-SERVER <00>  UNIQUE      Registered
    STAPELY-SERVER <03>  UNIQUE      Registered
    STAPELY-SERVER <20>  UNIQUE      Registered
    STAPELYCARE    <1B>  UNIQUE      Registered
    STAPELYCARE    <1C>  GROUP       Registered
    STAPELYCARE    <00>  GROUP       Registered
    __SAMBA__      <00>  GROUP       Registered
    __SAMBA__      <20>  GROUP       Registered

    MAC Address = F0-97-AA-4B-2A-7F


OpenVPN TAP-Windows6:
Node IpAddress: [0.0.0.0] Scope Id: []

    Host not found.

Ethernet:
Node IpAddress: [192.168.112.53] Scope Id: []

           NetBIOS Remote Machine Name Table

       Name               Type         Status
    ---------------------------------------------
    STAPELY-SERVER <00>  UNIQUE      Registered
    STAPELY-SERVER <03>  UNIQUE      Registered
    STAPELY-SERVER <20>  UNIQUE      Registered
    STAPELYCARE    <1B>  UNIQUE      Registered
    STAPELYCARE    <1C>  GROUP       Registered
    STAPELYCARE    <00>  GROUP       Registered
    __SAMBA__      <00>  GROUP       Registered
    __SAMBA__      <20>  GROUP       Registered

    MAC Address = F0-97-AA-4B-2A-7F


_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

























					Reply via email to