So I have a VPN setup - my workstation is the openvpn server with the following config: dev tap port 1000 remote s390x-4as.test.redhat.com ifconfig 10.204.5.1 255.255.255.0 secret /root/temp.key auth md5 cipher AES-128-CBC s390x-4as.test.redhat.com has the following configuration: dev tap port 1000 remote kovy.brq.redhat.com ifconfig 10.204.5.2 255.255.255.0 secret /root/temp.key auth md5 cipher AES-128-CBC dhcp server on my workstation: ddns-update-style ad-hoc; subnet 10.204.5.0 netmask 255.255.255.0 { option routers 10.204.5.1; option domain-name "test.redhat.com"; option domain-name-servers 172.16.52.28; max-lease-time 100; range 10.204.5.40 10.204.5.50; } now when I run start both sides of the vpn and try to acquire dhcp address through the VPN, I see: .qa.[root@s390x-4as tps]# dhclient tap0 Internet Systems Consortium DHCP Client V3.0.1 Copyright 2004 Internet Systems Consortium. All rights reserved. For info, please visit http://www.isc.org/products/DHCP /sbin/dhclient-script: configuration for tap0 not found. Continuing with defaults. /etc/sysconfig/network-scripts/network-functions: line 52: tap0: No such file or directory Listening on LPF/tap0/00:ff:a9:d5:cc:35 Sending on LPF/tap0/00:ff:a9:d5:cc:35 Sending on Socket/fallback DHCPDISCOVER on tap0 to 255.255.255.255 port 67 interval 6 DHCPDISCOVER on tap0 to 255.255.255.255 port 67 interval 13 DHCPDISCOVER on tap0 to 255.255.255.255 port 67 interval 15 DHCPDISCOVER on tap0 to 255.255.255.255 port 67 interval 15 DHCPDISCOVER on tap0 to 255.255.255.255 port 67 interval 7 And the default route gets erased, so I can't even ping the machine. I have only tested this on s390x. .qa.[root@s390x-4as ~]# rpm -qf `which dhclient` dhclient-3.0.1-58.EL4.s390x
This isn't supported. DHCP won't be able to work over the VPN because the underlying network stack lacks a real layer 2 implementation, which is what DHCP depends.
I know this isn't supported. The problem I wanted to point to is that the default routes got erased. This shouldn't happen.