OpenVPN
I am trying to get Network Manager to open up a OpenVPN connection from my Fedora development laptop to my FC4 gateway at home. The OpenVPN connection starts up and is working (as evidenced by the correct routes being installed in the kernel and traffic flowing properly). However, Network Manager doesn't seem to think that the connection was started properly. My laptop is running NetworkManager 0.6.2 (Fedora development rpm) and a CVS checkout of the OpenVPN plugin from yesterday. Here's the log from my laptop: Apr 26 08:17:24 lt16585 NetworkManager: information Will activate VPN connection 'Home', service 'org.freedesktop.NetworkManager.openvpn', user_name 'jcollie', vpn_data 'connection-type / x509 / dev / tun / remote / gw1.ocjtech.us / proto / udp / ca / /home/jcollie/vpn/ca.crt / cert / /home/jcollie/vpn/lt16585.campus.dmacc.edu.crt / key / /home/jcollie/vpn/lt16585.campus.dmacc.edu.key / comp-lzo / no / shared-key / / local-ip / / remote-ip / / username / ', route '172.16.0.0/24 / 172.16.1.0/24'. Apr 26 08:17:24 lt16585 NetworkManager: information VPN Activation (Home) Stage 1 of 4 (Connection Prepare) scheduled... Apr 26 08:17:24 lt16585 NetworkManager: information VPN Activation (Home) Stage 1 of 4 (Connection Prepare) ran VPN service daemon org.freedesktop.NetworkManager.openvpn (PID 9934) Apr 26 08:17:24 lt16585 NetworkManager: information VPN Activation (Home) Stage 1 of 4 (Connection Prepare) complete. Apr 26 08:17:24 lt16585 NetworkManager: information VPN Activation (Home) Stage 2 of 4 (Connection Prepare Wait) scheduled... Apr 26 08:17:24 lt16585 NetworkManager: information VPN service 'org.freedesktop.NetworkManager.openvpn' signaled state change 1 - 6. Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 2 of 4 (Connection Prepare Wait) waiting... Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 2 of 4 (Connection Prepare Wait) complete. Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 3 of 4 (Connect) scheduled... Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 3 of 4 (Connect) sending connect request. Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 3 of 4 (Connect) request sent, waiting for reply... Apr 26 08:17:25 lt16585 NetworkManager: information VPN service 'org.freedesktop.NetworkManager.openvpn' signaled state change 6 - 3. Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 3 of 4 (Connect) reply received. Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 4 of 4 (IP Config Get) timeout scheduled... Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 3 of 4 (Connect) complete, waiting for IP configuration... Apr 26 08:17:25 lt16585 nm-openvpn[9936]: OpenVPN 2.1_beta14 i386-redhat-linux-gnu [SSL] [LZO1] [EPOLL] built on Apr 14 2006 Apr 26 08:17:25 lt16585 nm-openvpn[9936]: UDPv4 link local: [undef] Apr 26 08:17:25 lt16585 nm-openvpn[9936]: UDPv4 link remote: 63.175.164.239:1194 Apr 26 08:17:27 lt16585 nm-openvpn[9936]: [gw1.ocjtech.us] Peer Connection Initiated with 63.175.164.239:1194 Apr 26 08:17:28 lt16585 nm-openvpn[9936]: TUN/TAP device tun0 opened Apr 26 08:17:28 lt16585 nm-openvpn[9936]: /sbin/ip link set dev tun0 up mtu 1500 Apr 26 08:17:28 lt16585 nm-openvpn[9936]: /sbin/ip addr add dev tun0 local 172.16.1.6 peer 172.16.1.5 Apr 26 08:17:28 lt16585 nm-openvpn[9936]: /usr/bin/nm-openvpn-service-openvpn-helper tun0 1500 1541 172.16.1.6 172.16.1.5 init Apr 26 08:17:28 lt16585 NetworkManager: information VPN Activation (Home) Stage 4 of 4 (IP Config Get) reply received. Apr 26 08:17:28 lt16585 NetworkManager: WARNINGget_dbus_string_helper (): Error: couldn't get DNS Domain from VPN IP Config message. Apr 26 08:17:28 lt16585 NetworkManager: WARNING nm_vpn_service_stage4_ip_config_get (): (VPN Service org.freedesktop.NetworkManager.openvpn): did not receive valid IP config information. Apr 26 08:17:28 lt16585 NetworkManager: information VPN Activation (Home) failed. Apr 26 08:17:28 lt16585 NetworkManager: information VPN service 'org.freedesktop.NetworkManager.openvpn' signaled state change 3 - 4. Apr 26 08:17:28 lt16585 NetworkManager: information VPN service 'org.freedesktop.NetworkManager.openvpn' signaled state change 4 - 5. Apr 26 08:17:28 lt16585 NetworkManager: information VPN service 'org.freedesktop.NetworkManager.openvpn' signaled state change 5 - 6. Apr 26 08:17:28 lt16585 nm-openvpn[9936]: Initialization Sequence Completed signature.asc Description: This is a digitally signed message part ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: OpenVPN
I've dug into the code a bit and come up with the attached patch, but it still doesn't seem to be working. Watching the system bus with dbus-monitor shows the following DBus message being sent: signal sender=:1.54 - dest=(null destination) interface=org.freedesktop.NetworkManager.openvpn; member=IP4Config uint32 4020547391 string tun0 uint32 100733100 uint32 83955884 uint32 16777215 [uint32 33558700 ][uint32 0 ]uint32 0 string string This shows that the additional parameters I added to the DBus message are there. This is my first attempt at hacking DBus/NetworkManager so I'm sure I've done something completely boneheaded here... On Wed, 2006-04-26 at 08:42 -0500, Jeffrey C. Ollie wrote: I am trying to get Network Manager to open up a OpenVPN connection from my Fedora development laptop to my FC4 gateway at home. The OpenVPN connection starts up and is working (as evidenced by the correct routes being installed in the kernel and traffic flowing properly). However, Network Manager doesn't seem to think that the connection was started properly. My laptop is running NetworkManager 0.6.2 (Fedora development rpm) and a CVS checkout of the OpenVPN plugin from yesterday. Here's the log from my laptop: Apr 26 08:17:24 lt16585 NetworkManager: information Will activate VPN connection 'Home', service 'org.freedesktop.NetworkManager.openvpn', user_name 'jcollie', vpn_data 'connection-type / x509 / dev / tun / remote / gw1.ocjtech.us / proto / udp / ca / /home/jcollie/vpn/ca.crt / cert / /home/jcollie/vpn/lt16585.campus.dmacc.edu.crt / key / /home/jcollie/vpn/lt16585.campus.dmacc.edu.key / comp-lzo / no / shared-key / / local-ip / / remote-ip / / username / ', route '172.16.0.0/24 / 172.16.1.0/24'. Apr 26 08:17:24 lt16585 NetworkManager: information VPN Activation (Home) Stage 1 of 4 (Connection Prepare) scheduled... Apr 26 08:17:24 lt16585 NetworkManager: information VPN Activation (Home) Stage 1 of 4 (Connection Prepare) ran VPN service daemon org.freedesktop.NetworkManager.openvpn (PID 9934) Apr 26 08:17:24 lt16585 NetworkManager: information VPN Activation (Home) Stage 1 of 4 (Connection Prepare) complete. Apr 26 08:17:24 lt16585 NetworkManager: information VPN Activation (Home) Stage 2 of 4 (Connection Prepare Wait) scheduled... Apr 26 08:17:24 lt16585 NetworkManager: information VPN service 'org.freedesktop.NetworkManager.openvpn' signaled state change 1 - 6. Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 2 of 4 (Connection Prepare Wait) waiting... Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 2 of 4 (Connection Prepare Wait) complete. Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 3 of 4 (Connect) scheduled... Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 3 of 4 (Connect) sending connect request. Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 3 of 4 (Connect) request sent, waiting for reply... Apr 26 08:17:25 lt16585 NetworkManager: information VPN service 'org.freedesktop.NetworkManager.openvpn' signaled state change 6 - 3. Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 3 of 4 (Connect) reply received. Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 4 of 4 (IP Config Get) timeout scheduled... Apr 26 08:17:25 lt16585 NetworkManager: information VPN Activation (Home) Stage 3 of 4 (Connect) complete, waiting for IP configuration... Apr 26 08:17:25 lt16585 nm-openvpn[9936]: OpenVPN 2.1_beta14 i386-redhat-linux-gnu [SSL] [LZO1] [EPOLL] built on Apr 14 2006 Apr 26 08:17:25 lt16585 nm-openvpn[9936]: UDPv4 link local: [undef] Apr 26 08:17:25 lt16585 nm-openvpn[9936]: UDPv4 link remote: 63.175.164.239:1194 Apr 26 08:17:27 lt16585 nm-openvpn[9936]: [gw1.ocjtech.us] Peer Connection Initiated with 63.175.164.239:1194 Apr 26 08:17:28 lt16585 nm-openvpn[9936]: TUN/TAP device tun0 opened Apr 26 08:17:28 lt16585 nm-openvpn[9936]: /sbin/ip link set dev tun0 up mtu 1500 Apr 26 08:17:28 lt16585 nm-openvpn[9936]: /sbin/ip addr add dev tun0 local 172.16.1.6 peer 172.16.1.5 Apr 26 08:17:28 lt16585 nm-openvpn[9936]: /usr/bin/nm-openvpn-service-openvpn-helper tun0 1500 1541 172.16.1.6 172.16.1.5 init Apr 26 08:17:28 lt16585 NetworkManager: information VPN Activation (Home) Stage 4 of 4 (IP Config Get) reply received. Apr 26 08:17:28 lt16585 NetworkManager: WARNING get_dbus_string_helper (): Error: couldn't get DNS Domain from VPN IP Config message. Apr 26 08:17:28 lt16585 NetworkManager: WARNING nm_vpn_service_stage4_ip_config_get (): (VPN Service org.freedesktop.NetworkManager.openvpn): did not receive valid IP config information. Apr 26 08:17:28 lt16585 NetworkManager: information VPN Activation (Home) failed. Apr 26 08:17:28 lt16585
Re: NetworkManager and STP
On Tue, 2006-03-14 at 10:41 -0500, Dan Williams wrote: On Tue, 2006-03-14 at 10:24 -0500, Darren Albers wrote: I just tried to use NM and a Cisco 2950 switch without portfast enabled, this resulted in NetworkManager assigning me a 169.x address. When I tried this on a 3550 it went from Blocking to Forwarding a lot quicker so NM worked fine and anyone who sets up a switch for user access is probably going to enable portfast so this may not be a big deal and might only affect a small number of users who probably work in a Datacenter and know to just click on NM and have it reconnect to the wired. I don't know of any way for NM to detect that a switch is going through all the STP checks so maybe the ethernet timeout could be increased a little? In theory, NetworkManager could listen for Spanning Tree BPDUs to determine whether Spanning Tree was in use on the port. In this case my switch went from blocking to forwarding about 3 seconds after NM gave up and assigned me a 169 address so it should not need to be much longer... What's the situation here? NM only cares if the machine's ethernet card has a link or not, which is reported by the driver for the card itself. Once the driver reports that it has a link, NM will attempt to acquire a DHCP address on that port. Are you saying that the switch takes a long time to actually start passing traffic from the machine on which NM is running, even though the port is active? Yes, when the full Spanning Tree protocol is in use on a port, it can take 15 seconds from the time that the switch detects link on the port and the time that the switch will start to forward data frames. The Cisco spanning-tree portfast modifies the Spanning Tree protocol so that the port goes immediately from the blocking state to the forwarding state (bypassing the listening and learning states). Other switch vendors have similar methods of disabling/modifying Spanning Tree to avoid this problem. Jeff signature.asc Description: This is a digitally signed message part ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Activation Too Long?
On Fri, 2006-02-03 at 19:14 -0500, Ryan Skadberg wrote: Is there any way I can turn some sort of debugging on to see the dbus sends? dbus-monitor Jeff signature.asc Description: This is a digitally signed message part ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list