Bridge not working as expected
-
- Posts: 22
- Joined: Wed Aug 30, 2023 11:57 am
Bridge not working as expected
Hello,
I set up my softether service on a home lan PC (192.168.1.4).
I set it to bridge the defined hub to the local ethernet port (the only one available).
When I connect from outside, I see my pc gets a local IP (192.168.1.27), all traffic is routed through VPN (my external IP is the one of the home router) and I can access internet as if I was at home.
The problem is I can't access my home IPs: 192.1681.1.1 (router) homepage spins forever and trying to ssh to my server (192.168.1.4) fails immediately.
Where am I wrong?
I set up my softether service on a home lan PC (192.168.1.4).
I set it to bridge the defined hub to the local ethernet port (the only one available).
When I connect from outside, I see my pc gets a local IP (192.168.1.27), all traffic is routed through VPN (my external IP is the one of the home router) and I can access internet as if I was at home.
The problem is I can't access my home IPs: 192.1681.1.1 (router) homepage spins forever and trying to ssh to my server (192.168.1.4) fails immediately.
Where am I wrong?
-
- Posts: 1529
- Joined: Sun Feb 14, 2021 10:31 am
Re: Bridge not working as expected
1. the 192.1681.1.1 address is incorrect
2. due to Linux kernel limitation you can not access SE server at 192.168.1.4
-
- Posts: 22
- Joined: Wed Aug 30, 2023 11:57 am
Re: Bridge not working as expected
192.1681.1.1 is a typo here; I meant 192.168.1.1 that is unreachable, and I don't understand why.
Why the second answer? When I'm in my local LAN, I can access 192.168.1.4 without problems. Can you explain more?
Why the second answer? When I'm in my local LAN, I can access 192.168.1.4 without problems. Can you explain more?
-
- Posts: 1529
- Joined: Sun Feb 14, 2021 10:31 am
Re: Bridge not working as expected
Search this forum for "Linux kernel limitation", fix it, and then we'll look into your other issues.
-
- Posts: 22
- Joined: Wed Aug 30, 2023 11:57 am
Re: Bridge not working as expected
Looking here (https://www.softether.org/4-docs/1-manu ... r_Mac_OS_X) I understand I should add a second physical network adapter. This is not an option, unfortunately. Am I wrong?
-
- Posts: 1529
- Joined: Sun Feb 14, 2021 10:31 am
Re: Bridge not working as expected
That's one solution and you still could use a USB NIC, but there is another one, search for "soft tap" and do double-bridge.
-
- Posts: 22
- Joined: Wed Aug 30, 2023 11:57 am
Re: Bridge not working as expected
I'll look into it; meanwhile, isn't' secureNat a possibile alternative?
If I put that all 192.168.1.x traffic goes through vpn, that should work, doesn't it?
If I put that all 192.168.1.x traffic goes through vpn, that should work, doesn't it?
-
- Posts: 1529
- Joined: Sun Feb 14, 2021 10:31 am
Re: Bridge not working as expected
It is, however you need to set DisableKernelModeSecureNAT to 1 in order to access the server via VPN.
-
- Posts: 22
- Joined: Wed Aug 30, 2023 11:57 am
Re: Bridge not working as expected
I tried the SeceureNAT way, but I have some trouble.
Apart from not connecting to my VPN Server (that is 192.168.1.4 and I understand I need to put that parameter somewhere - where?), I can't event access my router (192.168.1.1) home page: it starts loading and then stays spinning forever...
How can I troubleshoot it?
Apart from not connecting to my VPN Server (that is 192.168.1.4 and I understand I need to put that parameter somewhere - where?), I can't event access my router (192.168.1.1) home page: it starts loading and then stays spinning forever...
How can I troubleshoot it?
-
- Posts: 11
- Joined: Wed Aug 30, 2023 11:16 am
Re: Bridge not working as expected
make
and show result
Code: Select all
tracert 192.168.1.1
-
- Posts: 22
- Joined: Wed Aug 30, 2023 11:57 am
Re: Bridge not working as expected
I don't understand... all seems correctly configured, but some web pages don't load.
When connected, the situation is:
and
If I try fast.com, it shows 2Mbps. But...
192.168.1.1 loads some page components and never end.
Same for this site (vpnuser.com): I haven't been able to post this without turning my VPN off...
What could it be?
Moreover, please tell me where to put that parameter, so that I can check my vpn server with VPN open.
tnx
When connected, the situation is:
Code: Select all
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.30.1 192.168.30.10 2
Code: Select all
Tracing route to 192.168.1.1 over a maximum of 30 hops
1 46 ms 31 ms 43 ms 192.168.30.1
2 46 ms 53 ms 40 ms 192.168.1.1
192.168.1.1 loads some page components and never end.
Same for this site (vpnuser.com): I haven't been able to post this without turning my VPN off...
What could it be?
Moreover, please tell me where to put that parameter, so that I can check my vpn server with VPN open.
tnx
-
- Posts: 22
- Joined: Wed Aug 30, 2023 11:57 am
Re: Bridge not working as expected
Yup!
I found where to put that parameter, I did and now it all work!
The only problem is the CPU utilization now: one of the two CPU core is at 100% steadily.
I found where to put that parameter, I did and now it all work!
The only problem is the CPU utilization now: one of the two CPU core is at 100% steadily.
-
- Posts: 1529
- Joined: Sun Feb 14, 2021 10:31 am
Re: Bridge not working as expected
Yeah...
Also Comparison on SecureNAT and local bridge methodPrecautions relating to Performance
By possessing an internal virtual TCP/IP stack, SecureNAT performs the highly advanced process of reassembling the TCP/IP stream packetized once by the TCP/IP stack and further TCP/IP packetizing via the operating system. The overhead resulting from these processes is large, such that throughput via the virtual NAT is considerably decreased when compared to physical maximum throughput, even when using a computer with sufficiently high speed. That is why virtual NAT should not be used for performance-centric applications. As previously stated, virtual NAT is a function which can be used as an alternative when the local bridge function cannot be used for security or technical reasons. Where high-speed methods such as local bridging are available, those methods should be used.
Back to bridging? :-)
-
- Posts: 22
- Joined: Wed Aug 30, 2023 11:57 am
Re: Bridge not working as expected
Mmmm...
First point: I see CPU goes to 100% when I connect and remains there even if I disconnect; if I restart the server, CPU goes down until the next client connection. Why does it stay high even if I disconnect?
Bridge: maybe I didn't investigate enough, but it looked that the promiscuous mode of the adapter spiked CPU in the same manner, plus I need some complicated trick to access my vpn server (192.168.1.4).
What do you suggest?
First point: I see CPU goes to 100% when I connect and remains there even if I disconnect; if I restart the server, CPU goes down until the next client connection. Why does it stay high even if I disconnect?
Bridge: maybe I didn't investigate enough, but it looked that the promiscuous mode of the adapter spiked CPU in the same manner, plus I need some complicated trick to access my vpn server (192.168.1.4).
What do you suggest?
-
- Posts: 1529
- Joined: Sun Feb 14, 2021 10:31 am
Re: Bridge not working as expected
Check if DisableIpRawModeSecureNAT = 1 improves anything.
-
- Posts: 22
- Joined: Wed Aug 30, 2023 11:57 am
Re: Bridge not working as expected
I tried, but same result: the CPU stays at 100% even after disconnection. Do you understand why?
-
- Posts: 1529
- Joined: Sun Feb 14, 2021 10:31 am
Re: Bridge not working as expected
Proceed with DE deployment.
https://github.com/SoftEtherVPN/SoftEth ... le-edition
https://dev.azure.com/SoftEther-VPN/Sof ... _a=summary
Confirmed to solve the issue as recently as yesterday...
https://github.com/SoftEtherVPN/SoftEth ... le-edition
https://dev.azure.com/SoftEther-VPN/Sof ... _a=summary
Confirmed to solve the issue as recently as yesterday...
https://www.vpnusers.com/viewtopic.php? ... 29#p100007I built the development version of softether and the problem is gone! The cpu usage has dropped by half, and everything seems great. Wish I had done this sooner
-
- Posts: 22
- Joined: Wed Aug 30, 2023 11:57 am
Re: Bridge not working as expected
This is a timely bug fixing!! :-)
I'm now running version 5.0.1 I downloaded via ATP on my Debian 12.
What version does DE correspond to?
Is it safe? How will it take to have it on Debian 12 repo?
Thank you!
I'm now running version 5.0.1 I downloaded via ATP on my Debian 12.
What version does DE correspond to?
Is it safe? How will it take to have it on Debian 12 repo?
Thank you!