Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 233601 - invoking dhclient on tap0 created by openvpn removes default routes
Summary: invoking dhclient on tap0 created by openvpn removes default routes
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: dhcp
Version: 4.4
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: David Cantrell
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-03-23 12:54 UTC by David Kovalsky
Modified: 2014-03-31 23:44 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-04-03 14:56:24 UTC


Attachments (Terms of Use)

Description David Kovalsky 2007-03-23 12:54:16 UTC
So I have a VPN setup - my workstation is the openvpn server with the following
config:
dev tap
port 1000
remote s390x-4as.test.redhat.com
ifconfig 10.204.5.1 255.255.255.0
secret /root/temp.key
auth md5
cipher AES-128-CBC


s390x-4as.test.redhat.com has the following configuration:
dev tap
port 1000
remote kovy.brq.redhat.com
ifconfig 10.204.5.2 255.255.255.0
secret /root/temp.key
auth md5
cipher AES-128-CBC


dhcp server on my workstation:
ddns-update-style ad-hoc;

subnet 10.204.5.0 netmask 255.255.255.0 {
   option routers 10.204.5.1;
   option domain-name "test.redhat.com";
   option domain-name-servers 172.16.52.28;
   max-lease-time 100;
   range 10.204.5.40 10.204.5.50;
}

now when I run start both sides of the vpn and try to acquire dhcp address
through the VPN, I see:

.qa.[root@s390x-4as tps]# dhclient tap0
Internet Systems Consortium DHCP Client V3.0.1
Copyright 2004 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/products/DHCP

/sbin/dhclient-script: configuration for tap0 not found. Continuing with defaults.
/etc/sysconfig/network-scripts/network-functions: line 52: tap0: No such file or
directory
Listening on LPF/tap0/00:ff:a9:d5:cc:35
Sending on   LPF/tap0/00:ff:a9:d5:cc:35
Sending on   Socket/fallback
DHCPDISCOVER on tap0 to 255.255.255.255 port 67 interval 6
DHCPDISCOVER on tap0 to 255.255.255.255 port 67 interval 13
DHCPDISCOVER on tap0 to 255.255.255.255 port 67 interval 15
DHCPDISCOVER on tap0 to 255.255.255.255 port 67 interval 15
DHCPDISCOVER on tap0 to 255.255.255.255 port 67 interval 7


And the default route gets erased, so I can't even ping the machine. 


I have only tested this on s390x.
.qa.[root@s390x-4as ~]# rpm -qf `which dhclient`
dhclient-3.0.1-58.EL4.s390x

Comment 1 David Cantrell 2007-04-03 14:56:24 UTC
This isn't supported.  DHCP won't be able to work over the VPN because the
underlying network stack lacks a real layer 2 implementation, which is what DHCP
depends.

Comment 2 David Kovalsky 2007-04-03 15:07:12 UTC
I know this isn't supported. 

The problem I wanted to point to is that the default routes got erased. This
shouldn't happen.


Note You need to log in before you can comment on or make changes to this bug.