Hi!
I use a SecureNAT and I have a two big questions about this function.
1st. I have two physical network cards on my VPN-server with IP 10.137.254.254/24 and 172.17.254.254/24 respectively. My Virtual Hub with SecureNAT function don't use a Local Bridge. After I was enable the SecureNAT, SoftEther Virtual Interface obtain an IP address from network 10.137.254.254/24. Why did it choose this network exactly? My ISC Kea serves both network 10.137.254.254/24 and 172.17.254.254/24.
2nd. After obtaining an IP address SoftEther begin flooding my DHCP server (ISC Kea). It continuously send DHCP-REQUEST messages, although he already have an IP address. What is the reason for this behavior?
SecureNAT, Virtual Interface and DHCP
-
xcme
- Posts: 3
- Joined: Thu Feb 11, 2016 2:37 pm
Re: SecureNAT, Virtual Interface and DHCP
Can somebody help me? =)
-
thisjun
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: SecureNAT, Virtual Interface and DHCP
Try to disable kernel mode SecureNAT and Raw IP mode SecureNAT.
-
xcme
- Posts: 3
- Joined: Thu Feb 11, 2016 2:37 pm
Re: SecureNAT, Virtual Interface and DHCP
Thanks for the answer. I correctly understand that it applies to my second question?
Recently, this problem has removed itself without any action on my part. But there was another.
Now the situation is as follows. I turned off the Virtual Hub and turned it on again. Wherein:
1. SoftEther tries to get an address from the DHCP-server. It sends DHCPDISCOVER request
2. Immediately after that, he repeats DHCPDISCOVER
3. DHCP responds to the first request, such as DHCPOFFER 10.137.254.221
4. When a second packet coming, the server responds with an offer of a new address DHCPOFFER 10.137.254.222
5. SoftEther sends a DHCPREQUEST to 10.137.254.221
6. Immediately afterwards, he sends a DHCPREQUEST to 10.137.254.221 (not 222!) again.
7. The DHCP-server responds with DHCPACK to 10.137.254.221.
8. Because the server has received two requests for 10.137.254.221 he again sends DHCPACK to 10.137.254.221.
9. After a few seconds SoftEther sends DHCPRELEASE to 10.137.254.221
10. This package is also duplicated.
Why the SoftEther receives an address and then release it?
How I can disable the DHCP duplicate messages from SoftEther?
Recently, this problem has removed itself without any action on my part. But there was another.
Now the situation is as follows. I turned off the Virtual Hub and turned it on again. Wherein:
1. SoftEther tries to get an address from the DHCP-server. It sends DHCPDISCOVER request
2. Immediately after that, he repeats DHCPDISCOVER
3. DHCP responds to the first request, such as DHCPOFFER 10.137.254.221
4. When a second packet coming, the server responds with an offer of a new address DHCPOFFER 10.137.254.222
5. SoftEther sends a DHCPREQUEST to 10.137.254.221
6. Immediately afterwards, he sends a DHCPREQUEST to 10.137.254.221 (not 222!) again.
7. The DHCP-server responds with DHCPACK to 10.137.254.221.
8. Because the server has received two requests for 10.137.254.221 he again sends DHCPACK to 10.137.254.221.
9. After a few seconds SoftEther sends DHCPRELEASE to 10.137.254.221
10. This package is also duplicated.
Why the SoftEther receives an address and then release it?
How I can disable the DHCP duplicate messages from SoftEther?
-
thisjun
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: SecureNAT, Virtual Interface and DHCP
My answer is for both your question.
Kernel mode SecureNAT send DHCP request, so you should disable it.
Raw mode SecureNAT doesn't use NIC which isn't connected to internet, so disable it.
Kernel mode SecureNAT send DHCP request, so you should disable it.
Raw mode SecureNAT doesn't use NIC which isn't connected to internet, so disable it.