Re: IPv6 in network-manager-openvpn

From: Dan Williams <dcbw redhat com>
To: Tore Anderson <tore fud no>
Cc: networkmanager-list gnome org
Subject: Re: IPv6 in network-manager-openvpn
Date: Tue, 17 Dec 2013 17:02:46 -0600

On Tue, 2013-12-17 at 11:57 +0100, Tore Anderson wrote:

* Nicolas Iooss

A few weeks ago I ran into a bug in NetworkManager: even though OpenVPN
now supports IPv6 in tunnels, the OpenVPN plugin of NetworkManager
doesn't support it. I found bug 682620
(https://bugzilla.gnome.org/show_bug.cgi?id=682620) and I've implemented
some of the missing features with the help
of network-manager-openconnect commits (basically the IPv6 payload part,
not the IPv6 endpoint one). My patches are attached to this email. Can
someone review them and tell me what may be wrong with them? As I'm new
with NetworkManager, I think there must be some mistakes in my code.


Hello Nicolas,

I (and pretty much all of my colleagues) have been happily using your
patches since they were posted with no issues. It's a shame they haven't
been included upstream a long time ago. However, it appears that a 
change in the version of NetworkManager or NetworkManager-openvpn
included in Fedora 20 have broken them. When I connect to a VPN server
that pushes IPv6 routing information, NetworkManager crashes completely.
The crash happens even if I've set the IPv6 method on the VPN connection
to "ignore". Also, the tunnel itself may go over IPv4, the crash still
happens.

<info> VPN connection 'foo' (IP6 Config Get) reply received.
<info> VPN Gateway: 192.0.2.1
<info> Tunnel Device: tun0
<info> IPv4 configuration:
<info>   Internal Gateway: 100.66.2.5
<info>   Internal Address: 100.66.2.6
<info>   Internal Prefix: 32
<info>   Internal Point-to-Point Address: 100.66.2.5
<info>   Maximum Segment Size (MSS): 0
<info>   Static Route: 10.0.0.0/8   Next Hop: 100.66.2.5
<info>   Static Route: [..SNIP..]
<info>   Forbid Default Route: yes
<info>   Internal DNS: 10.0.0.10
<info>   DNS Domain: 'foobar.no'
<info> IPv6 configuration:
<info>   Internal Address: 2001:db8::1000
<info>   Internal Prefix: 112
<info>   Internal Point-to-Point Address: 2001:db8::1
<info>   Maximum Segment Size (MSS): 0
<info>   Static Route: 2001:db8::/32   Next Hop: 2001:db8::1
<info>   Static Route: [..SNIP..]
<info>   Forbid Default Route: yes
<info>   DNS Domain: 'foobar.no'
<info> (tun0): link connected
**
ERROR:platform/nm-linux-platform.c:2212:build_rtnl_addr: assertion failed: (!nle)

Hope this can be fixed and updated patches posted...


Is that with NM git master, and if so, what date?  The reason I ask is
because we broke PtP addresses until 2013-12-02, fixed in commit
f099a04132241790c8f88a651ece49f5c2783d12.  The error you're getting may
well be the kernel complaining that it cannot reach the static route,
because it knows nothing about the next hop, because the PtP address
wasn't assigned correctly.

Dan

Follow-Ups:
- Re: IPv6 in network-manager-openvpn
  - From: Tore Anderson

References:
- Re: IPv6 in network-manager-openvpn
  - From: Tore Anderson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]