nm-l2tp / NetworkManager-l2tp

L2TP and L2TP/IPsec support for NetworkManager
GNU General Public License v2.0

Ubuntu 22.04 - xl2tpd broken #184

Closed dkosovic closed 2 years ago

dkosovic commented 2 years ago

The xl2tpd-1.3.16-1 package that ships with Ubuntu 22.04 is broken; it will produce "Can not find tunnel" errors like the following:

Mar 31 12:00:12 NetworkManager[4991]: xl2tpd[4991]: Can not find tunnel 105 (refhim=0)
Mar 31 12:00:12 NetworkManager[4991]: xl2tpd[4991]: network_thread: unable to find call or tunnel to handle packet.  call = 39697, tunnel = 105 Dumping.
Mar 31 12:00:13 NetworkManager[4991]: xl2tpd[4991]: Can not find tunnel 105 (refhim=0)
Mar 31 12:00:13 NetworkManager[4991]: xl2tpd[4991]: network_thread: unable to find call or tunnel to handle packet.  call = 39697, tunnel = 105 Dumping.

The broken Ubuntu 22.04 xl2tpd package was first reported back on 2021-11-22:

Hopefully a new xl2tpd package will be released soon. Subscribe to that bug report if you wish to receive the latest news on a new xl2tpd package.

One workaround is to use Katalix go-l2tp. NetworkManager-l2tp >= 1.20.0 will use kl2tpd as the default L2TP daemon and fall back to xl2tpd if it can't find it. kl2tpd can readily be installed with:

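sudo apt install golang-go

# Build kl2tpd; the binary lands in the bin directory under GOPATH (~/go by default)
go install "github.com/katalix/go-l2tp/...@latest"
# -p: do not fail if /usr/local/sbin already exists
sudo mkdir -p /usr/local/sbin
sudo cp "$(go env GOPATH)/bin/kl2tpd" /usr/local/sbin
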
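A way to confirm that a connection failure matches the signature reported above before switching daemons, as an added example that is not part of the original post or of NetworkManager-l2tp. The function name `triage` and its return keys are hypothetical; the installed version string is assumed to come from `dpkg-query -W -f='${Version}' xl2tpd`.

```python
import re
from collections import Counter

# From the issue: 1.3.16-1 is the broken Ubuntu 22.04 build; 1.3.16-1ubuntu0.1 has the fix.
BROKEN_VERSION = "1.3.16-1"

NO_TUNNEL = re.compile(r"xl2tpd\[\d+\]: Can not find tunnel (\d+) \(refhim=\d+\)")
DUMPED = re.compile(
    r"xl2tpd\[\d+\]: network_thread: unable to find call or tunnel "
    r"to handle packet\.\s+call = (\d+), tunnel = (\d+)"
)

# The four log lines quoted in the issue, plus one constructed unrelated line.
SAMPLE_LOG = [
    "Mar 31 12:00:12 NetworkManager[4991]: xl2tpd[4991]: Can not find tunnel 105 (refhim=0)",
    "Mar 31 12:00:12 NetworkManager[4991]: xl2tpd[4991]: network_thread: unable to find "
    "call or tunnel to handle packet.  call = 39697, tunnel = 105 Dumping.",
    "Mar 31 12:00:13 NetworkManager[4991]: xl2tpd[4991]: Can not find tunnel 105 (refhim=0)",
    "Mar 31 12:00:13 NetworkManager[4991]: xl2tpd[4991]: network_thread: unable to find "
    "call or tunnel to handle packet.  call = 39697, tunnel = 105 Dumping.",
    "Mar 31 12:00:14 NetworkManager[4991]: constructed unrelated line",
]


def triage(log_lines, installed_version):
    """Hypothetical helper: report whether the log shows this issue's signature."""
    failed_lookups = Counter()  # tunnel id -> failed tunnel lookups
    dropped = Counter()         # (tunnel id, call id) -> packets dumped
    for line in log_lines:
        m = NO_TUNNEL.search(line)
        if m:
            failed_lookups[int(m.group(1))] += 1
            continue
        m = DUMPED.search(line)
        if m:
            dropped[(int(m.group(2)), int(m.group(1)))] += 1
    # Signature: a tunnel id that fails lookup and also has its packets dumped.
    dumped_tunnels = {tunnel for tunnel, _call in dropped}
    tunnels = sorted(t for t in failed_lookups if t in dumped_tunnels)
    broken = installed_version == BROKEN_VERSION
    return {
        "signature_seen": bool(tunnels),
        "tunnels": tunnels,
        "dropped_packets": sum(dropped.values()),
        "version_is_known_broken": broken,
        # Same log signature on another build points to a different problem.
        "likely_this_bug": bool(tunnels) and broken,
    }
```
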
dkosovic commented 2 years ago

Upstream xl2tpd bug report:

akarl10 commented 2 years ago

Just tried to break my VPN in the same way as https://github.com/xelerance/xl2tpd/issues/230#issuecomment-1107666648 (well, I think so), by making an L2TP/IPsec server having the same PPP "inner" remote address as the VPN server itself.

Essentially this https://github.com/nm-l2tp/NetworkManager-l2tp/issues/132

ip r
VPN.SERVER. dev ppp0 proto kernel scope link src INNER.IP
VPN.SERVER. via LOCAL.DEFAULTGW dev eth0 proto static metric 50

The second one most probably gets added by NM, the first probably by pppd.

But somehow this does not work (anymore? don't have a 20.04 to test on hand) in Ubuntu 22.04.

dkosovic commented 2 years ago

The ppp0 metric 0 (or no metric) route is the following NetworkManager 1.36.4 issue:

If the VPN's inner and outer gateway are one and the same, it's definitely an upstream bug with NetworkManager >= 1.36.0, it shouldn't be adding that broken ppp0 metric 0 route.

dkosovic commented 2 years ago

To keep this issue on topic, if it is not related to the "Can not find tunnel" error as a result of the broken xl2tpd that ships with Ubuntu 22.04, please submit a new issue even if it is for Ubuntu 22.04.

dkosovic commented 2 years ago

This bug was fixed in the package xl2tpd - 1.3.16-1ubuntu0.1


xl2tpd (1.3.16-1ubuntu0.1) jammy; urgency=medium