Just had a weird crash on my network in Grass Valley. I was trying out my new VPN setup on my iMac, tunneling all my Mac’s traffic through an OpenVPN connection to my router in San Francisco. Worked great! Then I got clever and tried to open http://192.168.0.1/, my router status page, curious what the VPN route would do. That page looked like it loaded but I think Chrome was loading a stale page; once I clicked on any other page on the router status panel it failed.
But not just the web page failed. My network failed. In my whole house, every device dead. The router wasn’t responding to DHCP requests. Even worse, the router didn’t come back after power cycling it. Three times. The power light came on but there was no DHCP service on the Ethernet, no WiFi. It was like the router had failed to boot. I finally got the router to come up on the fourth try. That time I’d disconnected my ethernet switch (and the rest of the home network) from the router first.
I have no theory for what went wrong. It seems implausible that client traffic on a VPN would kill the router, but not impossible. But I have zero idea why the router wouldn’t boot successfully until I disconnected the rest of the LAN. Sadly, I have no logfiles from the router to help.
Now I’m scared to try using the VPN again. But, well, what’s the worst that could happen?
... And we’re back, on the VPN again, and I can’t trigger that crash again. Maybe a fluke? I think the page I was loading when the network died last time was Tomato’s Device List. It seems very unlikely, but maybe that somehow does some funky Ethernet tickling that got my switch in a bad state? Weird.
I did work to understand Tunnelblick a little more. It creates a new network interface utun0 that’s a point-to-point link between two addresses in the VPN block. Then it adds a network route with destination “0/1” with the remote end of the VPN as the gateway. I guess that is a catch-all IPv4 route, which sits above “default” in priorities but below any more specific routing table entry like 192.168.0 going over my LAN. The result seems to work correctly: Wireshark confirms most of my traffic is going over the VPN tunnel but I can still connect to hosts on my LAN.
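
The route selection described above, as an added example (not the author's code or Tunnelblick's): it parses a constructed macOS-style `netstat -rn` table and applies longest-prefix match to show which interface each destination leaves on. The addresses, the `128.0/1` companion route (which OpenVPN's `redirect-gateway def1` installs alongside `0/1`), and the rule for expanding abbreviated destinations are assumptions, not taken from the post.

```python
import ipaddress

# Constructed sample in the style of macOS `netstat -rn -f inet`; all addresses are made up.
SAMPLE = """\
Destination        Gateway            Flags        Netif
0/1                10.8.0.5           UGSc         utun0
default            192.168.0.1        UGSc         en0
10.8.0.5           10.8.0.6           UH           utun0
128.0/1            10.8.0.5           UGSc         utun0
192.168.0          link#4             UCS          en0
"""

def parse_dest(dest):
    """Expand an abbreviated destination ('0/1', '192.168.0', 'default') to a network."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    if not plen:
        # Assumption: with no explicit mask, each printed octet counts for 8 bits
        # (so four octets is a /32 host route).
        plen = str(8 * len(octets))
    octets += ["0"] * (4 - len(octets))
    return ipaddress.ip_network(".".join(octets) + "/" + plen)

def parse_table(text):
    """Return (network, gateway, interface) tuples, skipping the header line."""
    routes = []
    for line in text.splitlines()[1:]:
        fields = line.split()
        if len(fields) >= 4:
            routes.append((parse_dest(fields[0]), fields[1], fields[3]))
    return routes

def lookup(routes, ip):
    """Longest-prefix match: the most specific route containing ip wins."""
    ip = ipaddress.ip_address(ip)
    matches = [r for r in routes if ip in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def bypasses_tunnel(routes, ip, tunnel_if="utun0"):
    """True if traffic to ip would leave on an interface other than the tunnel."""
    route = lookup(routes, ip)
    return route is None or route[2] != tunnel_if

if __name__ == "__main__":
    routes = parse_table(SAMPLE)
    for ip in ("192.168.0.1", "8.8.8.8", "203.0.113.7", "10.8.0.5"):
        net, gw, netif = lookup(routes, ip)
        print(f"{ip:<14} -> {str(net):<16} via {gw:<12} on {netif}")
```

Running `bypasses_tunnel` over a list of destinations you care about is a quick check for traffic that would leave outside the VPN before confirming with a packet capture.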