OpenVPN and DHCP IPv4 Issue



  • Issue: DHCP IPv4 service is not functioning after connecting to OpenVPN

    You can see from the DHCP logs that this service was functioning up until I connected via OpenVPN. After connecting via OpenVPN my VMs no longer get IPv4 addresses via DHCP.

    As a workaround I then enabled DHCP IPv6 which does work with OpenVPN.

    What I've tried:
    1. disabling / enabling DHCP IPv4 service
    2. disabling / enabling OpenVPN service
    3. rebooting

    Any ideas?

    Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_VER=2.4.4
    Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_PLAT=mac
    Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_PROTO=2
    Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_NCP=2
    Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_LZ4=1
    Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_LZ4v2=1
    Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_LZO=1
    Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_COMP_STUB=1
    Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_COMP_STUBv2=1
    Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_TCPNL=1
    Mar 18 07:32:08	openvpn	66038	24.56.70.218 peer info: IV_GUI_VER="net.tunnelblick.tunnelblick_5010_3.7.5__build_5010)"
    Mar 18 07:32:08	openvpn		user 'masked' authenticated
    Mar 18 07:32:08	openvpn	66038	24.56.70.218 [masked] Peer Connection Initiated with [AF_INET6]::ffff:24.56.70.218:1194 (via ::ffff:174.102.241.214%igb0)
    Mar 18 07:32:08	openvpn	66038	masked/24.56.70.218 MULTI_sva: pool returned IPv4=192.168.40.2, IPv6=(Not enabled)
    
    Mar 18 07:12:00	dhcpd		Wrote 0 deleted host decls to leases file.
    Mar 18 07:12:00	dhcpd		Wrote 0 new dynamic host decls to leases file.
    Mar 18 07:12:00	dhcpd		Wrote 12 leases to leases file.
    Mar 18 07:12:00	dhcpd		DHCPREQUEST for 192.168.50.16 (192.168.50.1) from ba:b2:09:c3:54:4b via igb1
    Mar 18 07:12:00	dhcpd		DHCPACK on 192.168.50.16 to ba:b2:09:c3:54:4b via igb1
    Mar 18 07:13:15	dhcpd		reuse_lease: lease age 75 (secs) under 25% threshold, reply with unaltered, existing lease for 192.168.50.16
    Mar 18 07:13:15	dhcpd		DHCPREQUEST for 192.168.50.16 from ba:b2:09:c3:54:4b via igb1
    Mar 18 07:13:15	dhcpd		DHCPACK on 192.168.50.16 to ba:b2:09:c3:54:4b via igb1
    Mar 18 07:13:50	dhcpd		DHCPREQUEST for 192.168.50.16 from ba:b2:09:c3:54:4b via igb1
    Mar 18 07:13:50	dhcpd		DHCPACK on 192.168.50.16 to ba:b2:09:c3:54:4b (DESKTOP-UK05TE3) via igb1
    Mar 18 07:16:40	dhcpd		DHCPDISCOVER from 4a:e7:a4:1a:c2:b6 via igb1
    Mar 18 07:16:41	dhcpd		DHCPOFFER on 192.168.50.14 to 4a:e7:a4:1a:c2:b6 (kali) via igb1
    Mar 18 07:16:41	dhcpd		DHCPREQUEST for 192.168.50.14 (192.168.50.1) from 4a:e7:a4:1a:c2:b6 (kali) via igb1
    Mar 18 07:16:41	dhcpd		DHCPACK on 192.168.50.14 to 4a:e7:a4:1a:c2:b6 (kali) via igb1
    Mar 18 07:45:52	dhcpd		Internet Systems Consortium DHCP Server 4.3.6
    Mar 18 07:45:52	dhcpd		Copyright 2004-2017 Internet Systems Consortium.
    Mar 18 07:45:52	dhcpd		All rights reserved.
    Mar 18 07:45:52	dhcpd		For info, please visit https://www.isc.org/software/dhcp/
    Mar 18 07:45:52	dhcpd		Config file: /etc/dhcpd.conf
    Mar 18 07:45:52	dhcpd		Database file: /var/db/dhcpd.leases
    Mar 18 07:45:52	dhcpd		PID file: /var/run/dhcpd.pid
    Mar 18 07:45:52	dhcpd		Internet Systems Consortium DHCP Server 4.3.6
    Mar 18 07:45:52	dhcpd		Copyright 2004-2017 Internet Systems Consortium.
    Mar 18 07:45:52	dhcpd		All rights reserved.
    Mar 18 07:45:52	dhcpd		For info, please visit https://www.isc.org/software/dhcp/
    Mar 18 07:45:52	dhcpd		Wrote 0 deleted host decls to leases file.
    Mar 18 07:45:52	dhcpd		Wrote 0 new dynamic host decls to leases file.
    Mar 18 07:45:52	dhcpd		Wrote 12 leases to leases file.
    Mar 18 07:45:52	dhcpd		Listening on BPF/igb1/0c:c4:7a:12:bc:1b/192.168.50.0/24
    Mar 18 07:45:52	dhcpd		Sending on BPF/igb1/0c:c4:7a:12:bc:1b/192.168.50.0/24
    Mar 18 07:45:52	dhcpd		Sending on Socket/fallback/fallback-net
    Mar 18 07:45:52	dhcpd		Server starting service.
    Mar 18 07:46:22	dhcpd		Internet Systems Consortium DHCP Server 4.3.6
    Mar 18 07:46:22	dhcpd		Copyright 2004-2017 Internet Systems Consortium.
    Mar 18 07:46:22	dhcpd		All rights reserved.
    Mar 18 07:46:22	dhcpd		For info, please visit https://www.isc.org/software/dhcp/
    Mar 18 07:46:22	dhcpd		Config file: /etc/dhcpd.conf
    Mar 18 07:46:22	dhcpd		Database file: /var/db/dhcpd.leases
    Mar 18 07:46:22	dhcpd		PID file: /var/run/dhcpd.pid
    Mar 18 07:46:22	dhcpd		Internet Systems Consortium DHCP Server 4.3.6
    Mar 18 07:46:22	dhcpd		Copyright 2004-2017 Internet Systems Consortium.
    Mar 18 07:46:22	dhcpd		All rights reserved.
    Mar 18 07:46:22	dhcpd		For info, please visit https://www.isc.org/software/dhcp/
    Mar 18 07:46:22	dhcpd		Wrote 0 deleted host decls to leases file.
    Mar 18 07:46:22	dhcpd		Wrote 0 new dynamic host decls to leases file.
    Mar 18 07:46:22	dhcpd		Wrote 12 leases to leases file.
    Mar 18 07:46:22	dhcpd		Listening on BPF/igb1/0c:c4:7a:12:bc:1b/192.168.50.0/24
    Mar 18 07:46:22	dhcpd		Sending on BPF/igb1/0c:c4:7a:12:bc:1b/192.168.50.0/24
    Mar 18 07:46:22	dhcpd		Sending on Socket/fallback/fallback-net
    Mar 18 07:46:22	dhcpd		Server starting service.
    


  • You don't say which interface looses dhcp service, or provide other relevant detail that would enable you problem to be solved, like how your vpn is configured address wise.

    It could be that your tunnel network address range clashes with your local address range, and routing goes bad.

    Can you test your config in a sandpit with a pair of VM pfsense in your virtual environment?

    You could try https://github.com/CyberShadow/dhcptest, to see what is going on from client side.

    A package capture on the affected interface could also be insightful.  Capture on pfSense then download to Wireshark for detailed inspection.


Log in to reply