Should iproute2's ip addr add command explicitly include a broadcast address for OpenVPN client?

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
ctong
OpenVpn Newbie
Posts: 1
Joined: Mon Aug 02, 2021 7:32 pm

Should iproute2's ip addr add command explicitly include a broadcast address for OpenVPN client?

Post by ctong » Mon Aug 02, 2021 7:54 pm

After debugging some software we are developing using broadcast traffic I noticed that my OpenVPN tap device has a 0.0.0.0 broadcast address that was breaking our broadcast traffic. Setting this to the correct broadcast address manually for the /24 class C sorted the problem out and I then went about trying to find out why the broadcast address is not set correctly on the tap interface.

Digging in the source, it seems that the iproute2 ip addr command in doesn't explicitly add the broadcast argument.

This seems incorrect as far as I can tell because as per the iproute2 documentation: "Unlike ifconfig, the ip command does not set a broadcast address unless explicitly requested."

I'm not sure if this ommision is intentional but as far as I can tell that if ip addr... doesn't generate the right broadcast address then there is no way to achieve this via the OpenVPN client via any other config mechanism (aside from scripting, which seems unnecessary). So perhaps the call to ip addr should have a broadcast argument by default?

I have also been able to correct the behaviour by using the --iproute cmd setting. Simply adding "brd +" (which is to derive the broadcast address from the netmask) to the end of the ip addr command in a script solves the problem.

I am running Gentoo Linux with OpenVPN 2.5.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD]. Other colleagues working in Ubuntu don't seem to have this problem but whether ip addr auto-generates the right broadcast address without the broadcast argument seems to be application specific with the exact behaviour being something I have not been able to pin point.

This seems like a bug, but I figured I better get some opinions first.
Any inputs welcome.

Kind regards
Craig

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Should iproute2's ip addr add command explicitly include a broadcast address for OpenVPN client?

Post by TinCanTech » Mon Aug 02, 2021 8:07 pm

Your config files would help ..

viewtopic.php?f=30&t=22603

Post Reply