Macbook DHCP issue.

Matthew Tolle matt at night.com
Fri Nov 30 00:17:38 CET 2012 

Hi folks,

Just wanted to let you know the solution to my issue. The remote site does MAC filtering off the DHCP server to some degree. I didn't know this, I just always set my MAC address to get the same IP each time. Turns out there  is an issue with changing your MAC on the tap0 driver. Doing a TCPdump looking for DHCP packets finally clued me in. The "ifconfig tap0 ether <MAC>" would look like it worked fine. Ifconfig tap0 even reported the set MAC addr, however TCPdump was still showing the original MAC addresses making the DHCP request. 

After a few google search I found this: 

http://sourceforge.net/p/tuntaposx/bugs/14/

Fits my problem exactly. I applied the fix and everything is back to working just fine.

I appreciate all the help.

Thanks,

-Matt




On Nov 28, 2012, at 3:41 PM, Guus Sliepen <guus at tinc-vpn.org> wrote:

> On Wed, Nov 28, 2012 at 09:25:50AM -0700, Matthew Tolle wrote:
> 
>> I set the MAC address by hand on the laptop when I connect so it stays consistent. That way I get the same DHCP address when DHCP is working. 
>> 
>> The script I use to kick off tinc on the laptop does the following: 
>> 
>> clears the logfile /var/log/tinc
>> opens logfile for reading
>> starts tinc: /opt/local/sbin/tincd --logfile=/var/log/tinc --pidfile=/var/run/tincd.pid --debug=5 -n vpn
>> waits till tap0 comes online. uses ifconfig to gather this info.
>> sets MAC addr: /sbin/ifconfig tap0 ether <MAC>
>> Waits for tinc to come online. Reads the log file for this information. 
>> sleep 2
>> requests a DHCP address: /usr/sbin/ipconfig set tap0 DHCP
>> waits for interface to get an address. Uses ifconfig to gather this info.
>> adds a bunch of routes.
> 
> Hm, that sounds a bit complicated. I think you can do it without having a
> script that parses tinc's log output. You should have two scripts:
> 
> tinc-up:
> 
> #!/bin/sh
> ifconfig $INTERFACE ether <MAC>
> 
> hosts/remote-up:
> 
> #!/bin/sh
> ipconfig set $INTERFACE DHCP
> route add ...
> 
> The script "remote-up" in the hosts/ directory is executed as soon as the node
> "remote" comes online. If you can really only add routes after DHCP finished
> configuring the interface, then you should either check if the DHCP client can
> somehow execute a script when it's done, or otherwise run another script from
> remote-up in the background, which then polls the interface.
> 
>> As to a firewall.. not sure my laptop has a firewall. The remote side does have one. I don't think it's the problem. A linux box at home with the same configuration a the laptop works just fine. If I understand Tinc correctly once the link is up it acts as just a normal interface. So if my laptop can DHCP an address when at the remote site then it should work exactly the same remotely when tinc is connected and online. It would be different if it didn't work both onsite and didn't work remotely with tinc. 
> 
> Well, the firewall rules can be different for the LAN interface than for the
> VPN interface. Also, the DHCP server might only listen on the LAN interface for
> some reason.
> 
> -- 
> Met vriendelijke groet / with kind regards,
>     Guus Sliepen <guus at tinc-vpn.org>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20121129/efc93f32/attachment.html>

More information about the tinc mailing list