-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi -
I've got OpenVPN with ethernet bridging up and it seems to be running fine, but I'm getting a near continous and endless stream of messages to syslog (on the computers on both ends of my VPN), even after shutting down OpenVPN like:
~ ... Jun 10 13:58:42 pwrslak kernel: skb: pf=2 (unowned) dev=br0 len=52 Jun 10 13:58:42 pwrslak kernel: PROTO=6 192.168.0.8:33010 192.168.0.10:22 L=52 S=0x10 I=2685 F=0x4000 T=64 Jun 10 13:58:44 pwrslak kernel: nf_hook: hook 0 already set. Jun 10 13:58:44 pwrslak kernel: skb: pf=2 (unowned) dev=br0 len=46 Jun 10 13:58:44 pwrslak kernel: PROTO=6 192.168.0.17:1067 64.12.29.217:5190 L=46 S=0x00 I=44292 F=0x4000 T=128 Jun 10 13:58:44 pwrslak kernel: ip_finish_output: bad unowned skb = c3521d40: PRE_ROUTING LOCAL_IN FORWARD POST_ROUTING Jun 10 13:58:44 pwrslak kernel: skb: pf=2 (unowned) dev=eth0 len=46 Jun 10 13:58:44 pwrslak kernel: PROTO=6 205.240.139.66:1067 64.12.29.217:5190 L=46 S=0x00 I=44292 F=0x4000 T=127 Jun 10 13:58:44 pwrslak kernel: nf_hook: hook 0 already set. Jun 10 13:58:44 pwrslak kernel: skb: pf=2 (unowned) dev=br0 len=100 ~ ... ad nauseum
These caused my syslog files to get huge to the point where I've had to temporarily disable kernel warning messages in syslog.conf on both ends.
Anyone here know what I should look at from this or how to quiet these messages down short of turning off kernel warning messages if they are benign?
They look to me like they must be coming from the bridging... because they continue even when OpenVPN is shut down and I've tried muting the messages from OpenVPN. They only stop when I take down the bridge. Taking down the firewall didn't make any difference either. Also, If I don't use bridging or tun/tap but just use the eth1's to connect to the lans I don't get any weird warning messages. Just when I use bridging.
I also searched through the FAQs, documentation, and forums at the http://bridge.sf.net site, Google, etc. I haven't found anything that looked like this particular problem. I noticed there were a variety of patches available for various kernels having to do with bridging... but it wasn't clear to me that any of these were applicable.
Help?
Additional information:
Running Slackware 9-current with kernel 2.4.20 on both ends. Using bridge-utils-0.9.6 and OpenVPN-1.4.1 on both ends.
Here's a crude diagram of how I'm using this:
~ |--------local---------| |--------remote----------| ~ Slackware 9 Linux (current) Slackware 9 Linux (current) ~ P166-SMP P166
~ |-- br0 --- firewall --- eth0 --- INET --- ppp0 --- firewall --- br0 --| ~ | 192.168.0.10 dhcp dhcp 192.168.0.24 | ~ | (xxx.xxx.xxx.xxx) (xxx.xxx.xxx.xxx) | ~ | | ~ |--- tap0 UDP: 5000 ================================ tap0 UDP: 5000 ---| ~ | | ~ |--- eth0 0.0.0.0 eth0: 0.0.0.0 ---| ~ | | ~ HUB HUB ~ 192.168.0.0/24 192.168.0.0/24
I'm bringing up the bridges with the usual:
/sbin/modprobe tun /sbin/modprobe bridge
/usr/sbin/openvpn --mktun --dev tap0
/usr/sbin/brctl addbr br0 /usr/sbin/brctl addif br0 tap0 /usr/sbin/brctl addif br0 eth1
/sbin/ifconfig tap0 0.0.0.0 promisc up /sbin/ifconfig eth1 0.0.0.0 promisc up
# The remote end has br0 192.168.0.24 (That's what all their clients happened to # be pointing to as their default gateway) Mine had 192.168.0.10. Not great # choices... but I can give them different ip's later. # local /sbin/ifconfig br0 192.168.0.10 netmask 255.255.255.0 broadcast 192.168.0.255 # remote # /sbin/ifconfig br0 192.168.0.24 netmask 255.255.255.0 broadcast 192.168.0.255 ...
Could this be a kernel problem? Any help appreciated.
Thanks -
Chuck Bell [EMAIL PROTECTED]
- ------------------------ "I just got back from a planet where the dominant lifeform ~ had no bilateral symmetry, and all I got was this stupid F-Shirt." -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE+592yNa71ZM7GXQIRAmzlAJ0TU3qn/Lwxk2ltzRiB/PkFHerLfQCeJTJj xdeJOrg//wPJp4+Rv/oX2eI= =3Ln/ -----END PGP SIGNATURE-----
_______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
