Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
What is ovpnc1:network ?
« previous
next »
Print
Pages: [
1
]
Author
Topic: What is ovpnc1:network ? (Read 1904 times)
tessus
Jr. Member
Posts: 67
Karma: 2
What is ovpnc1:network ?
«
on:
May 31, 2022, 12:05:25 am »
After the upgrade to 22.1.8, I see a lot of entries in my pi-hole with the hostname
ovpnc1:network
and
ovpnc1:network.local
I am not even sure how this is possible since a colon is not a valid character in a hostname.
Why is OPNsense trying to resolve these hostnames since 22.1.8?
Logged
tessus
Jr. Member
Posts: 67
Karma: 2
Re: What is ovpnc1:network ?
«
Reply #1 on:
May 31, 2022, 11:03:50 pm »
I still do not know where it was coming from, since my device
ovpnc1
was disabled and I did not have an active VPN client connection running.
Something must have happened during the upgrade that resulted in this weird behavior. I have now deleted the device and created a new one. Problem gone. Very strange, but ok.
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: What is ovpnc1:network ?
«
Reply #2 on:
June 02, 2022, 10:27:29 am »
Well, first of all ovpnc1 is a device you created using an OpenVPN client setup. Since 22.1.8 internal aliases are created to reflect firewall address selectors such as :network expansion. This part is completely normal.
However, for one reason or another ovpnc1:network is being resolved by DNS which it shouldn't.
Is cator00r your firewall?
Cheers,
Franco
Logged
tessus
Jr. Member
Posts: 67
Karma: 2
Re: What is ovpnc1:network ?
«
Reply #3 on:
June 02, 2022, 04:05:00 pm »
Yes, cator00r is my firewall.
I know that ovpncX are OpenVPN devices, but what confused me was the part that this "strange" hostname was being resolved, apart from the fact that the device was actually deactivated and the VPN connection was not running either.
I suspect that when creating these internal aliases, something went haywire and this device was stuck in an unrecoverable state. This is why I had to delete the device and the VPN connection to get rid of these name rsolution attempts.
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: What is ovpnc1:network ?
«
Reply #4 on:
June 03, 2022, 11:55:40 am »
Well, as I said it's strange but not unexpected or particularly harmful. I'm unable to trace the origin for this resolution attempt at the moment, but I'm sure it will be more clear if we can gather more data (maybe through other people's reports).
Cheers,
Franco
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: What is ovpnc1:network ?
«
Reply #5 on:
June 03, 2022, 02:25:11 pm »
After some internal chatting about the behaviour the culprit is pfctl as shipped by FreeBSD. If the interface "ovpnc1" is not found (disabled) then it will try to treat "ovp nc1:network" as a DNS entry to resolve.
There is a POC code change for the issue here but we need to discuss with FreeBSD most likely ...
https://github.com/opnsense/src/commit/a922e2e87e194
Cheers,
Franco
Logged
tessus
Jr. Member
Posts: 67
Karma: 2
Re: What is ovpnc1:network ?
«
Reply #6 on:
June 03, 2022, 06:34:32 pm »
Thanks for the info. I don't really need a fix. I just didn't understand what was going on, b/c I didn't do anything (except upgrading from 22.1.7 to 22.1.8 ).
Now I do understand and I am happy.
Thanks for letting me know.
«
Last Edit: June 03, 2022, 06:38:34 pm by tessus
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
What is ovpnc1:network ?
