Page 1 of 1
Why MAC address of users changes?
Posted: Mon May 12, 2025 7:04 pm
by kzmo
Hi,
I'm trying to setup SE server with OpenVPN enabled (as teltonika RUT200 has simple setup for OpenVPN). I'm using SE server 4.40.
I want to have static IP for each of the clients that connect to SE via OpenVPN.
I setup OpenDHCPServer alongside to assign IPs and it works OK.
I've set the MAC:... address for one user, meaning I've put:
in the Note field for the user.
However, when client connects to it, I almost always see two or three MACs for this client:
Code: Select all
ae:00:00:00:00:01
ae:00:00:00:00:02
Why is that? It prevents DHCP to correctly assign IP, as they changes.
Is there a way to have MAC address always fixed?
thank you and all the best
Chris
Re: Why MAC address of users changes?
Posted: Wed May 14, 2025 12:29 am
by solo
Version 4.40 does not exist. Try v4.44, v5.x, then report it here
https://github.com/SoftEtherVPN/SoftEtherVPN/issues
Re: Why MAC address of users changes?
Posted: Wed May 14, 2025 4:39 am
by kzmo
Right, sorry it is 4.41.
But I will try v4.44 as suggested.
Re: Why MAC address of users changes?
Posted: Tue May 20, 2025 8:37 am
by kzmo
So I've updated to version 4.44 build 9807 RTM and I still see 2 MAC addresses for one user, even if I've put in the Note field:
I see it has MAC addresses:
Code: Select all
MAC:DE:AD:00:00:01:01
MAC:DE:AD:00:00:01:02
Am I doing something wrong? Where in the source code it is happening? I checked the source code and I couldn't easily find this situation. I found that when MAC is specified in Note field, then this MAC is being used directly as is, but I couldn't find where and why the second MAC (incremented by 1) it's assigned.
Re: Why MAC address of users changes?
Posted: Wed May 21, 2025 1:14 am
by solo
kzmo wrote: ↑Tue May 20, 2025 8:37 am
Am I doing something wrong?
Yes, your DHCP server is either misconfigured or dysfunctional.
Code: Select all
Open DHCP Server DYNAMIC
SessionList command - Get List of Connected Sessions
Item |Value
----------------+--------------------
Session Name |SID-LOCALBRIDGE-1
VLAN ID |-
Location |Local Session
User Name |Local Bridge
Source Host Name|Ethernet Bridge
TCP Connections |None
Transfer Bytes |24,085
Transfer Packets|457
----------------+--------------------
Session Name |SID-1-[OPENVPN_L3]-3
VLAN ID |-
Location |Local Session
User Name |1
Source Host Name|localhost
TCP Connections |1 / 1
Transfer Bytes |3,138
Transfer Packets|10
MacTable command - Get the MAC Address Table Database
Item |Value
------------+--------------------
ID |3948334459
Session Name|SID-LOCALBRIDGE-1
VLAN ID |-
MAC Address |02-00-4C-4F-4F-50
Created at |2025-05-21 09:41:22
Updated at |2025-05-21 10:00:33
Location |On 'DC22'
------------+--------------------
ID |2076634987
Session Name|SID-1-[OPENVPN_L3]-3
VLAN ID |-
MAC Address |AE-00-00-00-00-01
Created at |2025-05-21 09:47:29
Updated at |2025-05-21 09:47:29
Location |On 'DC22'
------------+--------------------
ID |2076634987
Session Name|SID-1-[OPENVPN_L3]-3
VLAN ID |-
MAC Address |AE-00-00-00-00-02
Created at |2025-05-21 09:47:29
Updated at |2025-05-21 09:47:29
Location |On 'DC22'
------------+--------------------
ID |2076634987
Session Name|SID-1-[OPENVPN_L3]-3
VLAN ID |-
MAC Address |AE-00-00-00-00-03
Created at |2025-05-21 09:47:29
Updated at |2025-05-21 09:47:29
Location |On 'DC22'
IpTable command - Get the IP Address Table Database
Item |Value
------------+--------------------
ID |264036810
Session Name|SID-LOCALBRIDGE-1
IP Address |192.168.0.1
Created at |2025-05-21 09:41:22
Updated at |2025-05-21 10:01:09
Location |On 'DC22'
------------+--------------------
ID |3051396890
Session Name|SID-1-[OPENVPN_L3]-3
IP Address |192.168.0.17 (DHCP)
Created at |2025-05-21 09:47:29
Updated at |2025-05-21 09:47:29
Location |On 'DC22'
[21-May-25 09:39:36] Open DHCP Server Version 1.81 Windows Build 1055 (32bit) Starting...
...
[21-May-25 09:46:32] Lease Status URL: http://127.0.0.1:6789
[21-May-25 09:46:32] Listening On: 192.168.0.1
[21-May-25 09:47:29] Host ae:00:00:00:00:03 (Hostae0000000003) allotted 192.168.0.17 for 36000 seconds
Confirmed, it's exactly as you described. Next, the same setup but with Static Client DHCP assignment.
Code: Select all
Open DHCP Server STATIC
VPN Server/VPN>SessionList
SessionList command - Get List of Connected Sessions
Item |Value
----------------+--------------------
Session Name |SID-LOCALBRIDGE-1
VLAN ID |-
Location |Local Session
User Name |Local Bridge
Source Host Name|Ethernet Bridge
TCP Connections |None
Transfer Bytes |36,826
Transfer Packets|728
----------------+--------------------
Session Name |SID-1-[OPENVPN_L3]-4
VLAN ID |-
Location |Local Session
User Name |1
Source Host Name|localhost
TCP Connections |1 / 1
Transfer Bytes |1,258
Transfer Packets|4
MacTable command - Get the MAC Address Table Database
Item |Value
------------+--------------------
ID |3948334459
Session Name|SID-LOCALBRIDGE-1
VLAN ID |-
MAC Address |02-00-4C-4F-4F-50
Created at |2025-05-21 09:41:22
Updated at |2025-05-21 10:11:37
Location |On 'DC22'
------------+--------------------
ID |2076634987
Session Name|SID-1-[OPENVPN_L3]-4
VLAN ID |-
MAC Address |AE-00-00-00-00-01
Created at |2025-05-21 10:09:28
Updated at |2025-05-21 10:09:28
Location |On 'DC22'
IpTable command - Get the IP Address Table Database
Item |Value
------------+--------------------
ID |264036810
Session Name|SID-LOCALBRIDGE-1
IP Address |192.168.0.1
Created at |2025-05-21 09:41:22
Updated at |2025-05-21 10:12:08
Location |On 'DC22'
------------+--------------------
ID |1252577960
Session Name|SID-1-[OPENVPN_L3]-4
IP Address |192.168.0.9 (DHCP)
Created at |2025-05-21 10:09:28
Updated at |2025-05-21 10:09:28
Location |On 'DC22'
[21-May-25 10:09:11] Open DHCP Server Version 1.81 Windows Build 1055 (32bit) Starting...
...
[21-May-25 10:09:11] Lease Status URL: http://127.0.0.1:6789
[21-May-25 10:09:11] Listening On: 192.168.0.1
[21-May-25 10:09:28] Host ae:00:00:00:00:01 (Hostae0000000001) allotted 192.168.0.9 for 36000 seconds
In conclusion, the "phenomenon" disappears when DHCP is set up as intended - specifically...
...you can fix the user's IP address by configuring the static IP address reserve list hosted by the existing DHCP server (e.g. Linux dhcpd or Windows DHCP Service) on the target local-area network which the Virtual Hub is connected with the Local Bridge function. To fix the IP addresses assignment by the DHCP server you need to configure the "Static IP address reserve list" function (the function name may vary on each DHCP server product). You need to refer the document of your DHCP Server to configure the static IP address reserve list.
https://www.softether.org/5-download/history
Re: Why MAC address of users changes?
Posted: Wed May 21, 2025 1:58 pm
by kzmo
Thanks for the followup.
I have updated Open DHCP Server to newest version:
Code: Select all
[21-May-25 15:11:26] Open DHCP Server Version 2.01 Windows Build 1062 Starting...
[21-May-25 15:11:26] Starting DHCP Service
And I have set this in ODS ini file:
Code: Select all
[RANGE_SET]
DHCPRange=192.168.30.20-192.168.30.30
[de:ad:00:00:02:01]
IP=192.168.30.110
[de:ad:00:00:02:02]
IP=192.168.30.111
When my Teltonika router connects over GSM I see in Open DCHP Logs:
Code: Select all
[21-May-25 15:13:58] DHCPDISCOVER for de:ad:00:00:02:01 () from interface 192.168.30.2 received
[21-May-25 15:13:58] Host de:ad:00:00:02:01 (Hostdead00000201) offered 192.168.30.110
[21-May-25 15:13:58] DHCPDISCOVER for de:ad:00:00:02:02 () from interface 192.168.30.2 received
[21-May-25 15:13:58] Host de:ad:00:00:02:02 (Hostdead00000202) offered 192.168.30.111
[21-May-25 15:13:58] DHCPDISCOVER for de:ad:00:00:02:03 () from interface 192.168.30.2 received
[21-May-25 15:13:58] Host de:ad:00:00:02:03 (Hostdead00000203) offered 192.168.30.21
[21-May-25 15:13:58] DHCPREQUEST for de:ad:00:00:02:03 () from interface 192.168.30.2 received
[21-May-25 15:13:58] Host de:ad:00:00:02:03 (Hostdead00000203) allotted 192.168.30.21 for 300 seconds
So it assigns proper IP 192.168.30.110 for de:ad:00:00:02:01 but then it does DISCOVER again and again and then it does DHCPREQUEST.
In SE logs (redacted sensitive data):
Code: Select all
2025-05-21 15:33:52.052 [HUB "xx"] The connection "CID-2576-CBB9375263" (IP address: xxxx, Host name: xxxxx, Port number: 18377, Client name: "OpenVPN Client", Version: 4.44, Build: 9807) is attempting to connect to the Virtual Hub. The auth type provided is "External server authentication" and the user name is "xxxxx".
2025-05-21 15:33:52.052 [HUB "xx"] Connection "CID-2576-CBB9375263": Successfully authenticated as user "xx".
2025-05-21 15:33:52.052 [HUB "xx"] Connection "CID-2576-CBB9375263": The new session "SID-xxxx-OPENVPN_L3]-25" has been created. (IP address: xxx, Port number: 18377, Physical underlying protocol: "Legacy VPN - OPENVPN_L3")
2025-05-21 15:33:52.052 [HUB "xx"] Session "SID-xxx-[OPENVPN_L3]-25": The parameter has been set. Max number of TCP connections: 1, Use of encryption: Yes, Use of compression: No, Use of Half duplex communication: No, Timeout: 20 seconds.
2025-05-21 15:33:52.053 [HUB "xx"] Session "SID-xxx-[OPENVPN_L3]-25": VPN Client details: (Client product name: "OpenVPN Client", Client version: 444, Client build number: 9807, Server product name: "SoftEther VPN Server (64 bit)", Server version: 444, Server build number: 9807, Client OS name: "OpenVPN Client", Client OS version: "-", Client product ID: "-", Client host name: "", Client IP address: "xxx", Client port number: 18377, Server host name: "xxx", Server IP address: "xxx", Server port number: 1194, Proxy host name: "", Proxy IP address: "0.0.0.0", Proxy port number: 0, Virtual Hub name: "xxx", Client unique ID: "B81694B1E9B85B23B682F501AC955CCD")
2025-05-21 15:33:52.059 [HUB "xx"] Session "SID-LOCALBRIDGE-1": The DHCP server of host "00-50-56-39-71-67" (192.168.30.2) on this session allocated, for host "SID-xxx-[OPENVPN_L3]-25" on another session "DE-AD-00-00-02-03", the new IP address 192.168.30.21.
So in last line it just uses DE-AD-00-00-02-03 MAC, not DE-AD-00-00-02-01.
Why SE is incrementing MAC? And where does it happen?
thanks!
Re: Why MAC address of users changes?
Posted: Thu May 22, 2025 6:28 am
by solo
This will fix it:
Code: Select all
[de:ad:00:00:02:01]
IP=192.168.30.3
[de:ad:00:00:02:02]
IP=192.168.30.4
Please enter it exactly as above. If you don't like it, ask for a better solution here
https://github.com/SoftEtherVPN/SoftEtherVPN/issues
;-)
Re: Why MAC address of users changes?
Posted: Thu May 22, 2025 7:01 am
by kzmo
Thanks again.
I entered the settings as you suggested:
Code: Select all
[de:ad:00:00:02:01]
IP=192.168.30.3
[de:ad:00:00:02:02]
IP=192.168.30.4
[de:ad:00:00:02:03]
IP=192.168.30.5
but still is the same - several DHCPDISCOVER with different MACs and then DHCPREQUEST:
Code: Select all
[22-May-25 08:51:52] DHCPDISCOVER for de:ad:00:00:02:01 () from interface 192.168.30.2 received
[22-May-25 08:51:52] Host de:ad:00:00:02:01 (Hostdead00000201) offered 192.168.30.3
[22-May-25 08:51:52] DHCPDISCOVER for de:ad:00:00:02:02 () from interface 192.168.30.2 received
[22-May-25 08:51:52] Host de:ad:00:00:02:02 (Hostdead00000202) offered 192.168.30.4
[22-May-25 08:51:52] DHCPDISCOVER for de:ad:00:00:02:03 () from interface 192.168.30.2 received
[22-May-25 08:51:52] Host de:ad:00:00:02:03 (Hostdead00000203) offered 192.168.30.5
[22-May-25 08:51:52] DHCPREQUEST for de:ad:00:00:02:03 () from interface 192.168.30.2 received
[22-May-25 08:51:52] Host de:ad:00:00:02:03 (Hostdead00000203) allotted 192.168.30.5 for 300 seconds
I will ask on github then, thanks.
Re: Why MAC address of users changes?
Posted: Thu May 22, 2025 11:20 am
by solo
kzmo wrote: ↑Thu May 22, 2025 7:01 am
I will ask on github then, thanks.
It's a hilarious bug. Please check the following combination which is 100% reliable in my tests:
Code: Select all
[ae:00:00:00:00:01]
IP=192.168.0.9
[ae:00:00:00:00:01] with double-digit IP like 192.168.x.xx or 192.168.xx.x or 192.168.xx.xx produce double-MACs
But using your [de:ad:00:00:02:01] generates an incredible number of MACs.
...
dhcp.png
.
Re: Why MAC address of users changes?
Posted: Thu May 22, 2025 12:00 pm
by kzmo
Hmm still having the same issue.
I've added 192.168.9.2 as my server's another IP address (it also has 192.168.30.2).
In OpenDHCPServer I'm listening on:
Code: Select all
[22-May-25 13:50:45] Listening On: 192.168.9.2
[22-May-25 13:50:45] Listening On: 192.168.30.2
And I've set:
Code: Select all
[ae:00:00:00:00:01]
IP=192.168.9.3
In SE user Note:
And still I get serveral MACs for this client when connected:
Code: Select all
AE-00-00-00-00-01
AE-00-00-00-00-02
AE-00-00-00-00-03
And in DHCP log:
Code: Select all
[22-May-25 13:50:45] Listening On: 192.168.9.2
[22-May-25 13:50:45] Listening On: 192.168.30.2
[22-May-25 13:50:58] DHCPDISCOVER for ae:00:00:00:00:01 () from interface 192.168.30.2 received
[22-May-25 13:50:58] Host ae:00:00:00:00:01 (Hostae0000000001) offered 192.168.9.3
[22-May-25 13:50:58] DHCPDISCOVER for ae:00:00:00:00:01 () from interface 192.168.9.2 received
[22-May-25 13:50:58] Host ae:00:00:00:00:01 (Hostae0000000001) offered 192.168.9.3
[22-May-25 13:50:58] DHCPDISCOVER for ae:00:00:00:00:02 () from interface 192.168.30.2 received
[22-May-25 13:50:58] Host ae:00:00:00:00:02 (Hostae0000000002) offered 192.168.30.20
[22-May-25 13:50:58] DHCPDISCOVER for ae:00:00:00:00:02 () from interface 192.168.9.2 received
[22-May-25 13:50:58] No Matching DHCP Range for DHCPDISCOVER for ae:00:00:00:00:02 () from interface 192.168.9.2
[22-May-25 13:50:58] DHCPDISCOVER for ae:00:00:00:00:03 () from interface 192.168.30.2 received
[22-May-25 13:50:58] Host ae:00:00:00:00:03 (Hostae0000000003) offered 192.168.30.21
[22-May-25 13:50:58] DHCPDISCOVER for ae:00:00:00:00:03 () from interface 192.168.9.2 received
[22-May-25 13:50:58] No Matching DHCP Range for DHCPDISCOVER for ae:00:00:00:00:03 () from interface 192.168.9.2
[22-May-25 13:50:58] DHCPREQUEST for ae:00:00:00:00:03 () from interface 192.168.30.2 received
[22-May-25 13:50:58] Host ae:00:00:00:00:03 (Hostae0000000003) allotted 192.168.30.21 for 300 seconds
so it assignes proper 192.168.9.3 for ae:00:00:00:00:01 but then does again DISCOVER for ae:00:00:00:00:02...
Any idea where in code it happens? :) Do you known where in code it happens?
I tried the github issues but they're only for v5. I'd prefer to use v4 as it's stable version...
thanks!
Re: Why MAC address of users changes?
Posted: Thu May 22, 2025 12:35 pm
by solo
kzmo wrote: ↑Thu May 22, 2025 12:00 pm
Any idea where in code it happens? :) Do you known where in code it happens?
The open source code is not complete. Let's assume we've found it, patched it up and re-compiled it. Now these are missing:
Current limitations
Features not supported by SoftEther VPN
The following features are not implemented in the current version of SoftEther VPN :
DoS attack prevention function
User authentication with RADIUS/NT domain
RSA certificate authentication
Detailed packet logging feature
Connection source IP access control list function
Syslog forwarding function
Distributing static routes on a virtual DHCP server
These functions are often used in large-scale environments such as large companies, and are currently only included in the commercial version of PacketiX VPN 4.0 due to copyright issues.
https://ja.softether.org/3-spec/cureent_limitations
viewtopic.php?f=7&t=69047&p=101594#p101594
So, if you like v4 officially compiled with all features, use either my 192.168.0.9 or search for other "compatible" IPs.
192.168.9.3 is also broken on my system.
Re: Why MAC address of users changes?
Posted: Thu May 22, 2025 2:49 pm
by kzmo
OK, so you propose to use v5, right? Is it stable enough? :)
Re: Why MAC address of users changes?
Posted: Thu May 22, 2025 2:51 pm
by kzmo
Also, should I first uninstall v4 and then install v5? Will the Virtual Hubs and settings be saved?
Re: Why MAC address of users changes?
Posted: Thu May 22, 2025 3:22 pm
by solo
This bug seems resolved in v5.02.5374, I tested a few MAC/IP combinations without a problem. There are other v5 issues with OpenVPN, eg.
viewtopic.php?f=7&t=69424#p102738
I recommend a clean v5 install.