Yet Another James Green Web Developer, Aquarist

Mac OS X, DHCP and unroutable subnets

If you have a DHCP server that hands out IP addresses in the subnet 169.254/16 then you could find yourself becoming disconnected.

From Wikipedia on the subject, that subnet is reserved for devices that need to auto-configure themselves with an IP address when no DHCP server responds. More specifically however, it is called a "Link-Local address" and routers are specifically not to forward packets from such interfaces.

Now for whatever reason (well before my time with the company) our Windows 2003 server was configured to serve this subnet up for VPN clients. Combine this with an Apple decision from Mac OC 10.6.5 to now honour the non-routing of messages from such addressed interfaces you have my Macbook Pro able to connect to our office VPN but get absolutely nothing on that network to respond.

If (on a Mac) you check the console's system.log (or tail /var/log/ppp.log) you might see:

That means there already is a route for 169.254... Apple I think added one to prevent further routes being added (which would be invalid, of course).

Nov 24 20:12:30 COMPUTER_NAME pppd[188]: local  IP address 169.254.190.134
Nov 24 20:12:30 COMPUTER_NAME pppd[188]: remote IP address 169.254.86.242

That's a pretty cast-iron guarantee that your DHCP server is issuing you an improper address. So to fix it you should instead choose from the "Private Address Space" for example 192.168.0.0/16 or 10.0.0.0/8.

Anyway, we reconfigured the Windows 2003 server to allocate IPs from it's normal LAN address space of 10.0.0.0/24 and my Mac now connects and routes traffic just fine.