Hi everyone
I'm experiencing strange behavior with built-in Local Bridge when services that run on the same machine as the server are available to all local users, but are not available to VPN clients.
So the setup is like this:
192.168.1.1 - DHCP/DNS/Gateway machine
192.168.1.244 - Raspberry with SE server with local bridge enabled and say nginx/iperf started
VPN clients use 192.168.1.1 as default gateway, so all traffic goes through it
Any local machine can access nginx/iperf perfectly fine, but no VPN client can. However, VPN clients can access 192.168.1.1 and any other machine in the LAN. So it appears as if the SE server machine is isolated from its own clients. But(!), if I enable a tap bridge on the same HUB with the local bridge and assign an IP with ifconfig (say 192.168.1.245), then the issue is solved: both local and remote clients can access services on 192.168.1.244 (and also on the Raspberry's domain name, so mDNS/avahi also works).
Reproduced both on Stable 4.43 and Dev 5.02. No Docker, no VM
I also have another Windows machine with the same setup on Stable 4.38 and the problem is basically non-existent there. What I mean by that is that services that are run on the Windows machine are accessible by both local and VPN clients, but the speed to those services is lower than to the services beyond that machine(!). Yes, that's correct. I see 10-20 Mbit with iperf/SMB from SE server to VPN client, but I can see 50+ from speedtest, while traffic goes through this same server.
I'm not sure whether that's two separate issues or whether there is a problem in the local bridge itself. Or maybe that's loop prevention of some sort.
TLDR:
I need a setup with server with local bridge and 3rd party services on the same machine to be accessible both to local and remote clients.
[Local Bridge] Services on server machine not accessible by VPN clients
Re: [Local Bridge] Services on server machine not accessible by VPN clients
https://www.softether.org/4-docs/1-manu ... r_Mac_OS_X
Limitations within the Linux or UNIX operating system prevent communication with IP addresses assigned to the network adapter locally bridged from the VPN side (Virtual Hub side). The cause of this restriction lies with OS's internal kernel codes rather than with the SoftEther VPN. When wishing to communicate in any form with a UNIX computer used for local bridging from the VPN side (Virtual Hub side), (for instance, when running both the VPN Server / VPN Bridge service & the HTTP Server service and wishing to grant access to the server service from the VPN side as well), prepare and connect a local bridge network adapter and physically connect both it and the existing network adapter to the same segment (as explained in 3.6 Local Bridges, it is recommended to prepare a network adapter for exclusive use in local bridging for this and other situations).
Also your "tap" fixes it.
+ "Bridge not working as expected"
Re: [Local Bridge] Services on server machine not accessible by VPN clients
Oh, I must've missed that. Thanks
Any ideas on the speed issue with Windows machine maybe?
Re: [Local Bridge] Services on server machine not accessible by VPN clients
Btw, the SE HUB is bridged with eth0, but there's also a wlan0 interface with its own IP. And services are also not accessible via the wlan0 IP from VPN clients. wlan0 is not bridged by SE in any way. It is still the same UNIX limitation you've mentioned, correct?