You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I use openvpn with IPv6-only (transport and payload).
I want to use dco, but it complains about "topology subnet".
The whole error message is:
May 25 09:19:17 raspberrypi kernel: OpenVPN data channel offload (ovpn-dco) 0.2.20230426 -- (C) 2020-2023 OpenVPN, Inc.
May 25 09:19:31 raspberrypi openvpn[13706]: Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
May 25 09:19:31 raspberrypi openvpn[13706]: Note: NOT using '--topology subnet' disables data channel offload.
May 25 09:19:31 raspberrypi openvpn[13706]: OpenVPN 2.6.4 armv7l-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] [DCO]
May 25 09:19:31 raspberrypi openvpn[13706]: library versions: OpenSSL 3.0.8 7 Feb 2023, LZO 2.10
May 25 09:19:31 raspberrypi openvpn[13706]: DCO version: 0.2.20230426
May 25 09:19:31 raspberrypi openvpn[13707]: net_route_v4_best_gw query: dst 0.0.0.0
May 25 09:19:31 raspberrypi openvpn[13707]: net_route_v4_best_gw result: via 0.0.0.0 dev
May 25 09:19:31 raspberrypi openvpn[13707]: Diffie-Hellman initialized with 2048 bit key
May 25 09:19:32 raspberrypi openvpn[13707]: TUN/TAP device tun0 opened
May 25 09:19:32 raspberrypi openvpn[13707]: net_iface_mtu_set: mtu 1500 for tun0
May 25 09:19:32 raspberrypi openvpn[13707]: net_iface_up: set tun0 up
May 25 09:19:32 raspberrypi openvpn[13707]: net_addr_v6_add: 2001:a61:XXXX:XXXX::1:2/112 dev tun0
May 25 09:19:32 raspberrypi openvpn[13707]: Socket Buffers: R=[131072->131072] S=[16384->16384]
May 25 09:19:32 raspberrypi openvpn[13707]: setsockopt(IPV6_V6ONLY=0)
May 25 09:19:32 raspberrypi openvpn[13707]: Listening for incoming TCP connection on [AF_INET6][undef]:1194
May 25 09:19:32 raspberrypi openvpn[13707]: TCPv6_SERVER link local (bound): [AF_INET6][undef]:1194
May 25 09:19:32 raspberrypi openvpn[13707]: TCPv6_SERVER link remote: [AF_UNSPEC]
May 25 09:19:32 raspberrypi openvpn[13707]: MULTI: multi_init called, r=256 v=256
topology option should not be necessary for ipv6.
The text was updated successfully, but these errors were encountered:
Interfaces are configured differently depending on the subnet. I.e. broadcast/multicast flags on the tun interface. How much impact that has needs further investigation.
So, IPv6 always uses subnets, and never p2p mode. But depending on IPv4 topology, the tun interface might still be in p2p mode, confusing DCO (at least on FreeBSD).
So I think the safest approach here would be "if there is no topology in the config and no IPv4 ifconfig either, then just auto-configure topology subnet". And do not annoy IPv6 people with IPv4 archeology.
I use openvpn with IPv6-only (transport and payload).
I want to use dco, but it complains about "topology subnet".
The whole error message is:
topology option should not be necessary for ipv6.
The text was updated successfully, but these errors were encountered: