[eduVPN-deploy] eduVPN client routing table behaviour on MacOS
Louis Twomey
louis.twomey at heanet.ie
Tue Jul 7 18:35:44 CEST 2020
Hi,
I am troubleshooting a problem where some of our staff occasionally experience problems when accessing O365 services via our eduVPN servers. They can access Sharepoint, and they can open Sharepoint documents in the browser, but they can’t open the same documents in their local apps - the nature of the error suggests a possible networking issue.
The problem affected two staff members today, at least one of them is using a MacOS 10.15.5 laptop and a recent version of the eduVPN client, v2.1.7 (837). I have not experienced this problem, I have a MacOS 10.15.5 laptop too, but my eduVPN client is v1.2.1.
When looking at the routing table on my laptop, and the affected laptop, they are very different and I wonder whether this is because the newer eduVPN client behaves differently?
My laptop routing table is very short and very “clean", my older eduVPN client adds only 6 routes via the virtual/tunnel interface (for: 0/1,128.0/1, 192.168.0.0/25, 192.168.0.128/25, host route for gateway IP of eduVPN server, eduVPN pool range). By complete contrast, the laptop with the newer eduVPN client has over 30 additional routes and most of them are host routes, here is a snippet of the IPv4 table:
Internet:
Destination Gateway Flags Netif Expire
default link#18 UCS utun2
default 192.168.0.1 UGScI en0
1.1.1.1 link#18 UHW3I utun2 2
1.2.3.4 link#18 UHW3I utun2 1
8.8.8.8 link#18 UHW3I utun2 3
13.88.28.53 link#18 UHWIi utun2
40.126.1.143 link#18 UHWIi utun2
Is it standard behaviour of the newer MacOS eduVPN client to add a “default” route as above, and to add multiple host routes?
Thanks,
Louis
-------
Louis Twomey
Technical Architect
PGP key: C77D9256
HEAnet CLG, Ireland’s National Education and Research Network
1st Floor, 5 George’s Dock, IFSC, Dublin D01 X8N7, Ireland
+353 (0)1 6609040 louis.twomey at heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270
More information about the eduVPN-deploy
mailing list