No packets after changing routing information

Question

Created Oct ’23

Replies 6

Boosts 0

Participants 2

In my iOS VPN app the user can change between full tunnel or split tunnel. With full tunnel the PacketTunnelProvider includedRoutes are set to defaultRoute and in split tunnel the includedRoutes are set to what the user has configured.

When going from full tunnel to split everything works as expected and I see the routing table change and packets flow as expected.

However, when going from split tunnel to full, even though I see the routing table updated with the default route setting, I am seeing no packets coming in on my readPacketsWithCompletionHandler for my TUN interface.

I know the interface is active because I can bind to it and send data just fine (as a test) but nothing in the system appears to be working.

I do the same exact thing in macOS and it works flawlessly.

Thoughts?

Boost

Answer 1

sboanr OP

Oct ’23

Disregard this post. I found that not all the routes needed were getting set. Sorry for the issue.

0

Answer 2

sboanr OP

Oct ’23

@eskimo,

I'm going to need to back track my back track. After doing some more testing and examining of the route table I am still having an issue when I change the PTP IPv4 Settings to go from a Split Tunnel configuration to a Full Tunnel configuration, i.e. PTP includedRoutes = defaultRoute. From initial connection Full Tunnel config works exactly as expected, but once I change to Split and then back to Full the system appears to think there is no network.

Thoughts of where I can look?

Thx

0

Answer 3

DTS Engineer OP

Apple

Oct ’23

I'm going to need to back track my back track.

(-:

once I change to Split and then back to Full the system appears to think there is no network.

Does this state clear if you stop and restart the interface?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 4

sboanr OP

Oct ’23

I can now see the same issue on macOS.

0

Answer 5

DTS Engineer OP

Apple

Oct ’23

Please reply in a reply. I’m not notified if you reply in the comments. See tip 5 in Quinn’s Top Ten DevForums Tips.

Yes it does.

OK. That suggests that this is a bug, and I recommend that you file it as such. Make sure to:

Enable NE diagnostics per the VPN (Network Extension) entry on Bug Reporting > Profiles and Logs.
Include a sysdiagnose log taken shortly after reproducing the problem.

Please post your bug number, just for the record.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 6

sboanr OP

Oct ’23

FB13286881

0