[Bug 1886809] Re: Pulse connect VPN exists because unwanted avahi network starts
Dan Bungert
1886809 at bugs.launchpad.net
Thu Oct 14 19:19:06 UTC 2021
Hi @helioloureiro,
While for your use case I can easily see the need for this patch, I'm
not sure this should be applied generally. In a VPN split tunnel
scenario, the very case that Pulsesecure seems to be rejecting, the
original config would probably be more appropriate.
Another path forward - on more recent Ubuntu (hirsute in my case), it
appears that avahi-autoipd can be removed without causing excessive
other package removals. Would that be a plausible solution for someone
with a similar problem?
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to avahi in Ubuntu.
https://bugs.launchpad.net/bugs/1886809
Title:
Pulse connect VPN exists because unwanted avahi network starts
Status in avahi package in Ubuntu:
New
Bug description:
Pulse VPNs exists very often because avahi enforces network
192.250.0.0/0 over tun0 interface. The message error is:
rmon.error Unauthorized new route to 169.254.0.0/0.0.0.0 has been
added (conflicts with our route to 0.0.0.0), disconnecting
(routemon.cpp:598)
No matter the options to skip avahi on /etc/default/avahi-daemon, it
always calls /etc/network/if-up.d/avahi-autoipd and raises this
discovery network.
A fix can be done patching /etc/network/if-up.d/avahi-autoipd to skip
any tunnel interface.
--- /etc/network/if-up.d/avahi-autoipd.dpkg-old 2020-07-08 13:25:41.834569800 +0200
+++ /etc/network/if-up.d/avahi-autoipd 2020-07-07 10:07:37.611118581 +0200
@@ -11,6 +11,10 @@
[ -x /usr/sbin/avahi-autoipd ] || exit 0
+case "$IFACE" in
+ tun*) exit 0 ;;
+esac
+
[ "$IFACE" != "lo" ] || exit 0
case "$ADDRFAM" in
inet) ;;
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1886809/+subscriptions
More information about the foundations-bugs
mailing list