I have a gentoo router with two openvpn instances (v2.4.6, udp and tcp) and every minute I always see this log messages:
Sep 12 15:42:50 lowpower2 openvpn[6505]: IP packet with unknown IP version=15 seenSep 12 15:42:50 lowpower2 openvpn[18725]: IP packet with unknown IP version=15 seenSep 12 15:43:51 lowpower2 openvpn[6505]: IP packet with unknown IP version=15 seenSep 12 15:43:51 lowpower2 openvpn[18725]: IP packet with unknown IP version=15 seenSep 12 15:44:53 lowpower2 openvpn[6505]: IP packet with unknown IP version=15 seenSep 12 15:44:53 lowpower2 openvpn[18725]: IP packet with unknown IP version=15 seenFor example, on tun1 (tcp) server side, when the vpn is not in use, that is no client is connected, with tcpdump I see this:
lowpower2 ~ # tcpdump -n -X -i tun1dropped privs to tcpdumptcpdump: verbose output suppressed, use -v or -vv for full protocol decodelistening on tun1, link-type RAW (Raw IP), capture size 262144 bytes15:37:42.981853 unknown ip 15 0x0000: ffff ffff ffff 0000 0000 0000 88a2 1000 ................ 0x0010: ffff ff01 0000 0000 0000 0000 0000 0000 ................15:38:44.421849 unknown ip 15 0x0000: ffff ffff ffff 0000 0000 0000 88a2 1000 ................ 0x0010: ffff ff01 0000 0000 0000 0000 0000 0000 ................15:39:45.861854 unknown ip 15 0x0000: ffff ffff ffff 0000 0000 0000 88a2 1000 ................ 0x0010: ffff ff01 0000 0000 0000 0000 0000 0000 ................This is the server configuration for udp
user nobodygroup nobodyport 563proto udpmultihomedev tun0persist-keypersist-tunca /etc/openvpn/server-multi/ca.crtcert /etc/openvpn/server-multi/lowpower2.crtkey /etc/openvpn/server-multi/lowpower2.keydh /etc/openvpn/server-multi/dh2048.pemtls-auth /etc/openvpn/server-multi/ta.key 0cipher AES-256-CBCauth SHA512ifconfig-pool-persist /etc/openvpn/server-udp-multi/ipp.txtserver 192.168.20.0 255.255.255.0push "route 192.168.0.0 255.255.255.248"push "route 192.168.11.0 255.255.255.0"push "route 192.168.12.0 255.255.255.0"push "route 192.168.13.0 255.255.255.0"push "route 192.168.14.0 255.255.255.0"keepalive 10 60verb 3max-clients 10This is the server configuration for tcp
user nobodygroup nobodyport 1494proto tcp-serverdev tun1persist-keypersist-tunca /etc/openvpn/server-multi/ca.crtcert /etc/openvpn/server-multi/lowpower2.crtkey /etc/openvpn/server-multi/lowpower2.keydh /etc/openvpn/server-multi/dh2048.pemtls-auth /etc/openvpn/server-multi/ta.key 0cipher AES-256-CBCauth SHA512ifconfig-pool-persist /etc/openvpn/server-tcp-multi/ipp.txtserver 192.168.21.0 255.255.255.0push "route 192.168.0.0 255.255.255.248"push "route 192.168.1.0 255.255.255.0"push "route 192.168.11.0 255.255.255.0"push "route 192.168.12.0 255.255.255.0"push "route 192.168.13.0 255.255.255.0"push "route 192.168.14.0 255.255.255.0"keepalive 10 60verb 3max-clients 10This are the use flags:
Installed versions: 2.4.6(08:40:56 PM 09/11/2018)(iproute2 ssl -down-root -examples -inotify -libressl -lz4 -lzo -mbedtls -pam -pkcs11 -plugins -selinux -static -systemd -test KERNEL="linux" USERLAND="-BSD")This the kernel:
Linux lowpower2 4.14.65-gentoo #3 SMP Thu Sep 6 22:05:43 CEST 2018 x86_64 Intel(R) Atom(TM) CPU D425 @ 1.80GHz GenuineIntel GNU/LinuxWhat is it due to? What type of packet is it? Is it possible to eliminate the warning message without decreasing the verbosity level?