search

mullvad / mullvadvpn-app

The Mullvad VPN client app for desktop and mobile
https://mullvad.net/
GNU General Public License v3.0
4.91k stars 335 forks source link

Incoming ICMP packets are duplicated on LAN when split tunneling is enabled #6707

Open metametapod opened 3 weeks ago

metametapod commented 3 weeks ago

Is it a bug?

I have checked if others have reported this already

Current Behavior

After enabling split-tunneling with the Mullvad macOS app, I'm seeing DUP packets when pinging local addresses.

$ mullvad lan get
Local network sharing setting: allow
$ ping 10.1.0.1
PING 10.1.0.1 (10.1.0.1): 56 data bytes
64 bytes from 10.1.0.1: icmp_seq=0 ttl=64 time=2.900 ms
64 bytes from 10.1.0.1: icmp_seq=0 ttl=64 time=2.957 ms (DUP!)
64 bytes from 10.1.0.1: icmp_seq=1 ttl=64 time=0.680 ms
64 bytes from 10.1.0.1: icmp_seq=1 ttl=64 time=0.731 ms (DUP!)
64 bytes from 10.1.0.1: icmp_seq=2 ttl=64 time=0.494 ms
64 bytes from 10.1.0.1: icmp_seq=2 ttl=64 time=0.536 ms (DUP!)
^C
--- 10.1.0.1 ping statistics ---
3 packets transmitted, 3 packets received, +3 duplicates, 0.0% packet loss
round-trip min/avg/max/stddev = 0.494/1.383/2.957/1.096 ms

Expected Behavior

Not sure if something is misconfigured on my network, but this goes away when disabling split-tunneling and uninstalling/reinstalling Mullvad. Disabling or enabling split-tunneling at all results in DUP packets regardless of whether the program itself (e.g. ping) has split-tunneling enabled.

Steps to Reproduce

  1. Enable local-address sharing in Mullvad.

    mullvad lan set allow

  2. Enable split-tunneling in Mullvad.

mullvad split-tunnel set on
mullvad split-tunnel app add /Applications/Firefox.app/Contents/MacOS/firefox
  1. Ping a local address. (See above.)

Failure Logs

Can upload if necessary.

Operating system version

macOS 14.6.1

Mullvad VPN app version

2024.4

Additional Information

No response

nocturne1 commented 3 weeks ago

I've seen the same thing with 2024.5-beta1 running on macOS 15.0 Beta (24A5331b). Good to know that an uninstall/reinstall stops it.

metametapod commented 3 weeks ago

I should clarify, an uninstall/reinstall only stops it on my machine when split tunneling remains disabled. Once it is enabled again the issue resurfaces.

dlon commented 2 weeks ago

Thank you for reporting this bug. It was known to us, but hadn't been reported before on GitHub. Let's leave this issue open to track progress on it.