OpenVPN MAC

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
roxy
Posts: 25
Joined: Sun Feb 21, 2016 10:34 am

OpenVPN MAC

Post by roxy » Tue Jul 25, 2017 12:42 pm

Hi, we have Virtual Hub configured with Virtual DHCP Server enabled. Several OpenVPN connecting clients change IP before DHCP lease time expires (we used standard 7200 seconds lease time as now). Analysing logs we see different OpenVPN Client having same MAC address and we see also same client connecting to VPN server in different moment with different MAC Address. MAC address are of class like CA-BF-1E-42-XX-XX.

Is softether creating these MAC Addresses on behalf of OpenVPN clients ? why we find duplicated MAC address and so different IP before DHCP lease time expires ?

Best regards

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: OpenVPN MAC

Post by thisjun » Thu Aug 03, 2017 6:18 am

SoftEther VPN generate MAC address from machine name, virtual hub name and session unique ID.
https://github.com/SoftEtherVPN/SoftEth ... on.c#L2340

If you want to keep MAC address on client, please use tap mode OpenVPN.

roxy
Posts: 25
Joined: Sun Feb 21, 2016 10:34 am

Re: OpenVPN MAC

Post by roxy » Thu Aug 10, 2017 1:13 pm

I do not know where, if upper case conversion or hashing, but MAC address in some point is not uniquely assigned to every DIFFERENTE combination of:

machine name
virtual hub name
session unique ID

As we get same MAC for 2 different machine for 2 different sessions on the same virtual hub.

tap is not an option on limited linux set-top box or smartphone...

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: OpenVPN MAC

Post by thisjun » Thu Sep 07, 2017 7:31 am

'machine name' is server's host name.
If the VPN server restarted, MAC address will conflict with previous one.

roxy
Posts: 25
Joined: Sun Feb 21, 2016 10:34 am

Re: OpenVPN MAC

Post by roxy » Thu Sep 14, 2017 7:50 pm

There are MAC address conflict also if no restart happen, probably session id are not managed to be unique in long time intervals, so if one client disconnect and a new client connect nre client get session id of previous client, and so MAC address. It should be sufficent to manage session id to avoid reuse in shot time intervals or somthing like this

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: OpenVPN MAC

Post by thisjun » Tue Oct 17, 2017 4:58 am

Session ID includes a serial number of session since the virtual hub is enabled.
So, multiple session don't have a same MAC address.
Did you turn off the virtual hub?

roxy
Posts: 25
Joined: Sun Feb 21, 2016 10:34 am

Re: OpenVPN MAC

Post by roxy » Wed Oct 18, 2017 2:13 pm

Turn off ? what do you mean for "turn off" a virtual hub ?
Virtual Hub is Online if you mean this

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: OpenVPN MAC

Post by thisjun » Wed Nov 01, 2017 6:42 am

Did you use OpenVPN tap mode?

roxy
Posts: 25
Joined: Sun Feb 21, 2016 10:34 am

Re: OpenVPN MAC

Post by roxy » Tue Dec 19, 2017 12:21 pm

tun mode

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: OpenVPN MAC

Post by thisjun » Fri Jan 05, 2018 5:14 am

I would like to know reproduction condition.
Could you upload log files?

roxy
Posts: 25
Joined: Sun Feb 21, 2016 10:34 am

Re: OpenVPN MAC

Post by roxy » Thu Jan 11, 2018 12:13 pm

To be more robust we developed our software to get id from devices to distinguish also if different devices be using some IP so we cannot reproduce with easy the issue. If we can in the near future reproduce I'll send you log file.

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: OpenVPN MAC

Post by thisjun » Thu Jan 25, 2018 5:35 am

OpenVPN protocol doesn't have function that send device ID.

Post Reply