TUN dhcp server assignment
Posted: Fri Jan 30, 2015 2:12 am
Hello.
I'm running a routed tunnel, and I'm currently routing all traffic through the tunnel. The tunnel is 192.168.60.0/24. The configuration works fine, I can connect, browse the internet, DNS is being routed through the tunnel as well. All is good. I have a route pushed for my local LAN and can access that as well. I am using topology subnet. I have noticed that the TAP adapter in Windows gets a DHCP server assignment of 192.168.60.254. I'm not sure why it does this, or if its just the nature of the TAP adapter itself, but with topology subnet, all addresses are supposed to be useable with the exception of .1 as the server, and .255 which would normally be the broadcast address. Where does this .254 DHCP server address come from? It appears from thin air. The address is not pingable/reachable. I have searched high and low for an answer. I'm not sure why it gets passed at all, since OpenVPN handles the IP assignments based on the server config. I have pasted the server and client configs below, and a copy of the message where the actual DHCP assignment is made.
SERVER CONFIG:
proto udp
port 1199
dev tun0
topology subnet
server 192.168.60.0 255.255.255.0
push "redirect-gateway def1"
push "route 172.16.5.0 255.255.255.0"
push "dhcp-option DOMAIN home.ld"
push "dhcp-option DNS 172.16.5.1"
dh dh.pem
pkcs12 server.p12
cipher AES-256-CBC
auth SHA256
comp-lzo
verb 4
persist-key
persist-tun
ping-timer-rem
keepalive 10 60
client-to-client
log-append /etc/openvpn/openvpn.log
CLIENT CONFIG:
client
dev tun
proto udp
port 1199
pkcs12 cert.p12
remote 72.227.87.144 1199
auth SHA256
cipher AES-256-CBC
keepalive 10 60
persist-key
persist-tun
ping-timer-rem
comp-lzo
verb 5
register-dns
And then this line, which shows the assignment of 192.168.60.254 as the DHCP Server:
Thu Jan 29 20:51:44 2015 us=371513 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.60.2/255.255.255.0 on interface {B97A0880-A618-4390-8AC9-E3DA00C4DD96} [DHCP-serv: 192.168.60.254, lease-time: 31536000]
I'm just not sure where this assignment comes from. The reading I did on subnet topology led me to believe all address would be useable, up to .254. However, if this is getting pushed as a DHCP server, and say I had 254 clients connected to my server, wouldn't that cause a problem? Its not an operational issue, its just curiosity on my part. I'm wondering where this assignment comes from. Any help is appreciated. As I said, the connection and server both work flawlessly as of right now, everything is fine, just curious.
I'm running a routed tunnel, and I'm currently routing all traffic through the tunnel. The tunnel is 192.168.60.0/24. The configuration works fine, I can connect, browse the internet, DNS is being routed through the tunnel as well. All is good. I have a route pushed for my local LAN and can access that as well. I am using topology subnet. I have noticed that the TAP adapter in Windows gets a DHCP server assignment of 192.168.60.254. I'm not sure why it does this, or if its just the nature of the TAP adapter itself, but with topology subnet, all addresses are supposed to be useable with the exception of .1 as the server, and .255 which would normally be the broadcast address. Where does this .254 DHCP server address come from? It appears from thin air. The address is not pingable/reachable. I have searched high and low for an answer. I'm not sure why it gets passed at all, since OpenVPN handles the IP assignments based on the server config. I have pasted the server and client configs below, and a copy of the message where the actual DHCP assignment is made.
SERVER CONFIG:
proto udp
port 1199
dev tun0
topology subnet
server 192.168.60.0 255.255.255.0
push "redirect-gateway def1"
push "route 172.16.5.0 255.255.255.0"
push "dhcp-option DOMAIN home.ld"
push "dhcp-option DNS 172.16.5.1"
dh dh.pem
pkcs12 server.p12
cipher AES-256-CBC
auth SHA256
comp-lzo
verb 4
persist-key
persist-tun
ping-timer-rem
keepalive 10 60
client-to-client
log-append /etc/openvpn/openvpn.log
CLIENT CONFIG:
client
dev tun
proto udp
port 1199
pkcs12 cert.p12
remote 72.227.87.144 1199
auth SHA256
cipher AES-256-CBC
keepalive 10 60
persist-key
persist-tun
ping-timer-rem
comp-lzo
verb 5
register-dns
And then this line, which shows the assignment of 192.168.60.254 as the DHCP Server:
Thu Jan 29 20:51:44 2015 us=371513 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.60.2/255.255.255.0 on interface {B97A0880-A618-4390-8AC9-E3DA00C4DD96} [DHCP-serv: 192.168.60.254, lease-time: 31536000]
I'm just not sure where this assignment comes from. The reading I did on subnet topology led me to believe all address would be useable, up to .254. However, if this is getting pushed as a DHCP server, and say I had 254 clients connected to my server, wouldn't that cause a problem? Its not an operational issue, its just curiosity on my part. I'm wondering where this assignment comes from. Any help is appreciated. As I said, the connection and server both work flawlessly as of right now, everything is fine, just curious.