Mathieu,

I don't think 0.0.0.0 will ever appear as a VPN tunnel endpoint in any
sane environment, oh please. You are ignoring how VPNC works. VPNC
creates point-to-point connections, and routes the traffic through the
tunnel. The netmask is not used for the endpoint, but for the route
created afterwards. If you check /etc/vpnc/vpnc-script (which is the
default setup script used by vpnc-connect, and which NetworkManager
overrides), it has these commands:

  # Point to point interface require a netmask of 255.255.255.255 on some systems
  ifconfig "$TUNDEV" inet "$INTERNAL_IP4_ADDRESS" $ifconfig_syntax_ptp "$INTERNAL_IP4_ADDRESS" netmask 255.255.255.255 mtu ${MTU} up

  if [ -n "$INTERNAL_IP4_NETMASK" ]; then
    set_network_route $INTERNAL_IP4_NETADDR $INTERNAL_IP4_NETMASK $INTERNAL_IP4_NETMASKLEN
  fi

Note that the endpoint address netmask is _always_ 255.255.255.255,
a.k.a. /32. The set_network_route function above only sets the endpoint
route, not the default route (another function does that). For your
convenience (IPROUTE=ip):

  set_network_route() {
    NETWORK="$1"
    NETMASK="$2"
    NETMASKLEN="$3"
    $IPROUTE route replace "$NETWORK/$NETMASKLEN" dev "$TUNDEV"
    $IPROUTE route flush cache
  }

When INTERNAL_IP_NETMASK is not set, this function is not called, which
makes sense exactly when the internal netmask is /32 (there is no point
in such route, since it is always local).

When using vpnc-connect, which uses the script above, the tunnel works
properly, while when using NetworkManager, which overrides the script
above with the problematic binary I'm suggesting the patch for, it doesn't.

There is a misunderstanding in variable names between vpnc and network-
manager-vpnc. INTERNAL_IP4_NETMASK from VPNC is not to be used in the
endpoint address, while NetworkManager uses the value passed in
NM_VPN_PLUGIN_IP4_CONFIG_PREFIX for such thing. The nm-vpnc helper seems
more broken than it looks like, but since there are reports of it
working in some cases, I went through the safe route and only set it to
the correct value when NETMASK is missing.

The issue has not been resolved, as you can see from the comments above,
and I ran into exactly the same issue now in my fully updated Natty
installation. So, please, undo the "Fix Released" status, since it
requires, at minimum, more investigation.

As I understand, network-manager-vpnc is a plugin separate from network-
manager. I already sent the patch to Dan Williams, who is listed in the
MAINTAINERS file for the package, but it is taking some time to get a
reply.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/364844

Title:
  network-manager-vpnc produces incorrect routing table
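
An added illustration, not part of the original message and not vpnc or NetworkManager code: a shell sketch of the rule described in the message, where the tunnel endpoint always gets /32 and the netmask only drives the network route. The helper names mask_to_prefix and plan_tunnel are hypothetical, the addresses are constructed samples, and deriving the prefix length from the mask is this example's choice (vpnc-script receives INTERNAL_IP4_NETMASKLEN directly).

```shell
#!/bin/sh
# Added example with hypothetical helper names; not vpnc or NetworkManager code.

# Convert a dotted-quad netmask to a prefix length.
# Fails (returns 1) on malformed or non-contiguous masks such as 255.0.255.0.
mask_to_prefix() {
    mask="$1"
    case "$mask" in *[!0-9.]*|"") return 1 ;; esac
    len=0
    seen_short=0
    old_ifs="$IFS"; IFS=.
    set -- $mask
    IFS="$old_ifs"
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in
            255) bits=8 ;; 254) bits=7 ;; 252) bits=6 ;; 248) bits=5 ;;
            240) bits=4 ;; 224) bits=3 ;; 192) bits=2 ;; 128) bits=1 ;;
            0) bits=0 ;;
            *) return 1 ;;
        esac
        # After any octet with fewer than 8 set bits, only zero octets may follow.
        if [ "$seen_short" -eq 1 ] && [ "$bits" -ne 0 ]; then return 1; fi
        [ "$bits" -eq 8 ] || seen_short=1
        len=$((len + bits))
    done
    echo "$len"
}

# Print the addressing plan as the message describes it: the endpoint is
# always /32, and a network route exists only when a netmask was supplied.
plan_tunnel() {
    addr="$1"; netaddr="$2"; netmask="$3"
    echo "endpoint $addr/32"
    if [ -n "$netmask" ]; then
        plen=$(mask_to_prefix "$netmask") || return 1
        echo "route $netaddr/$plen"
    fi
}

# Constructed sample values: one server that sends a netmask, one that does not.
plan_tunnel 10.8.0.5 10.8.0.0 255.255.255.0
plan_tunnel 10.8.0.5 "" ""
```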
