I'm reading this now and it might be worth looking at, although it's old.
http://openvpn.net/archive/openvpn-users/2006-10/msg00120.html
// Brad
On Feb 7, 2010, at 10:53 AM, Michael Hieb wrote:
Yes. I may have missed a trick, so tell me if you think I got it
wrong.
1. Can be used to change DNS setting permanently for interfaces
which exist in the configd configuration, e.g. Ethernet/Airport
2. Cannot be used to put default routing in the configd configuration.
What you need (and I haven't been able to figure out how to do this)
is a way to use networksetup to tell configd about the tap interface
and what DNS and routing are associated with the tap interface. Sort
of like what you can do in the dynamic configuration with ifconfig
and scutil which works until configd comes along and clobbers your
settings.
So networksetup will do things like
networksetup --setdnsserver [ETHERNET|AIRPORT] x.x.x.x
When what you want is something like
networksetup --setdnsserver [TAP] x.x.x.x
networksetup -setdefaultroute [TAP] g.g.g.g
If you see what I mean...
On 07/02/2010 18:25, Bradley Giesbrecht wrote:
Have you looked into networksetup?
man networksetup
// Brad
On Feb 7, 2010, at 5:51 AM, Michael Hieb wrote:
Apologies if this is covered elsewhere. I've looked and found no
definitive answers.
Problem:
Using standard install macports openvpn2: OpenVPN creates a tunnel
on a virtual network interface tap0 which is configured via DHCP.
Once up a script is called to update the routing tables and set
DNS. On linux and windows this works and is very stable because
static routing configurations are employed. On Mac OS X v10.6
routing configurations are dynamic and managed by configd. Once
the virtual interface comes up the routing tables and DNS can be
changed, but after a short while, configd will come along and
change the routing and DNS configurations and break the VPN.
This is covered in some detail in this article.
http://www.afp548.com/article.php?story=20041015131913324
Question: How to write the DNS and routing entries into
preferences at the time OpenVPN comes up so that they will persist
when configd updates the system?
Details:
1. Commands used by OpenVPN script to update the routing table and
DNS
/usr/sbin/ipconfig set "$dev" DHCP
/usr/sbin/scutil <<EOF
d.init
get State:/Network/Service/DHCP-$dev/DNS
d.add SupplementalMatchDomains * $domain_name
set State:/Network/Service/DHCP-$dev/DNS
EOF
Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: Sun Feb 7 11:19:36
2010 /sbin/route add -net 192.168.120.1 192.168.1.1 255.255.255.255
Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: add net 192.168.120.1:
gateway 192.168.1.1
Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: Sun Feb 7 11:19:36
2010 /sbin/route delete -net 0.0.0.0 192.168.1.1 0.0.0.0
Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: delete net 0.0.0.0:
gateway 192.168.1.1
Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: Sun Feb 7 11:19:36
2010 /sbin/route add -net 0.0.0.0 192.168.110.1 0.0.0.0
Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: add net 0.0.0.0:
gateway 192.168.110.1
2. Everything looks good for a few minutes
MacBook-Pro:~ user$ netstat -r
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.110.1 UGSc 0 0 tap0
default 192.168.110.1 UGScI 41 88 tap0
127 localhost UCS 0 0 lo0
localhost localhost UH 0 0 lo0
169.254 link#5 UCS 0 0 en1
192.168.1 link#5 UC 1 0 en1
192.168.1.1 0:1e:e5:86:79:22 UHLWI 1 17 en1 1187
192.168.1.101 localhost UHS 0 0 lo0
192.168.110 link#7 UCS 2 0 tap0
192.168.110.1 0:17:3f:9b:e3:e2 UHLWI 43 8 tap0 1182
192.168.110.3 0:1c:c0:f:90:3b UHLWI 12 137213 tap0 454
192.168.110.29 localhost UHS 0 0 lo0
192.168.120.1/32 192.168.1.1 UGSc 1 0 en1
MacBook-Pro:~ user$ sudo scutil --dns
DNS configuration
resolver #1
domain : celoso.net
search domain[0] : celoso.net
nameserver[0] : 208.67.222.222
nameserver[1] : 208.67.220.220
nameserver[2] : 4.2.2.3
order : 200000
resolver #2
domain : celoso.net
nameserver[0] : 192.168.110.3
nameserver[1] : 192.168.110.3
order : 100400
3. Then something will trigger configd to update the DNS or
routing tables, the only evidence of which I have been able to
find is the following message in the system.log
Feb 7 11:20:34 MacBook-Pro configd[13]: network configuration
changed.
4. And either the DNS or routing tables will be changed e.g.
MacBook-Pro:~ user$ sudo /usr/sbin/scutil --dns
Password:
DNS configuration
resolver #1
domain : celoso.net
search domain[0] : celoso.net
nameserver[0] : 208.67.222.222
nameserver[1] : 208.67.220.220
nameserver[2] : 4.2.2.3
order : 200000
resolver #2
domain : local
options : mdns
timeout : 2
order : 300000
MacBook-Pro:~ user$ netstat -r
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.1.1 UGSc 0 0 en1
default 192.168.110.1 UGScI 52 81 tap0
127 localhost UCS 0 0 lo0
localhost localhost UH 0 0 lo0
169.254 link#5 UCS 0 0 en1
192.168.1 link#5 UC 1 0 en1
192.168.1.1 0:1e:e5:86:79:22 UHLWI 1 17 en1 1196
192.168.1.101 localhost UHS 0 0 lo0
192.168.110 link#7 UCS 2 0 tap0
192.168.110.1 0:17:3f:9b:e3:e2 UHLWI 54 5 tap0 1199
192.168.110.3 0:1c:c0:f:90:3b UHLWI 0 34 tap0 1161
192.168.110.29 localhost UHS 0 0 lo0
192.168.120.1/32 192.168.1.1 UGSc 1 0 en1
_______________________________________________
macports-users mailing list
[email protected]
http://lists.macosforge.org/mailman/listinfo.cgi/macports-users
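
The failure described in this thread (configd moving the default route back to en1 and dropping the VPN resolver) sends traffic and DNS queries outside the tunnel without any error. The check below is an added example, not part of the original messages or of OpenVPN; the function names are hypothetical and the sample snapshots are abridged from the outputs quoted above.

```shell
#!/bin/sh
# Added example: detect configd reverting the VPN route/DNS described in the thread.

# Print the interface of the unscoped default route from `netstat -rn` text on
# stdin. Routes flagged "I" (interface-scoped) are skipped; the Netif column is
# located from the header, so other column layouts also work.
default_route_if() {
    awk '
        $1 == "Destination" { for (i = 1; i <= NF; i++) if ($i == "Netif") col = i; next }
        col && $1 == "default" && $3 !~ /I/ { print $col; exit }
    '
}

# Succeed if nameserver $1 appears in `scutil --dns` text on stdin.
has_nameserver() {
    awk -v ns="$1" '$1 ~ /^nameserver\[/ && $NF == ns { found = 1 } END { exit !found }'
}

# Print "ok" or the list of problems for one route snapshot and one DNS snapshot.
check_vpn() {  # args: vpn_if vpn_dns routes_text dns_text
    problems=""
    [ "$(printf '%s\n' "$3" | default_route_if)" = "$1" ] || problems="route-leak"
    printf '%s\n' "$4" | has_nameserver "$2" || problems="${problems:+$problems }dns-leak"
    echo "${problems:-ok}"
}

# Sample snapshots, abridged from the outputs in the thread.
ROUTES_BEFORE='Destination Gateway Flags Refs Use Netif Expire
default 192.168.110.1 UGSc 0 0 tap0
default 192.168.110.1 UGScI 41 88 tap0
192.168.110 link#7 UCS 2 0 tap0'
ROUTES_AFTER='Destination Gateway Flags Refs Use Netif Expire
default 192.168.1.1 UGSc 0 0 en1
default 192.168.110.1 UGScI 52 81 tap0
192.168.110 link#7 UCS 2 0 tap0'
DNS_BEFORE='resolver #1
nameserver[0] : 208.67.222.222
resolver #2
nameserver[0] : 192.168.110.3'
DNS_AFTER='resolver #1
nameserver[0] : 208.67.222.222
resolver #2
domain : local
options : mdns'

check_vpn tap0 192.168.110.3 "$ROUTES_BEFORE" "$DNS_BEFORE"   # state right after connect
check_vpn tap0 192.168.110.3 "$ROUTES_AFTER" "$DNS_AFTER"     # state after configd update
```

On a live system the same check can be fed `"$(netstat -rn)"` and `"$(scutil --dns)"` and run periodically while the tunnel is up.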