Re: Broken OpenVPN

From: Nathaniel McCallum <nathaniel themccallums org>
To: Dan Williams <dcbw redhat com>
Cc: networkmanager-list gnome org
Subject: Re: Broken OpenVPN
Date: Thu, 07 Aug 2008 19:02:30 -0400

Dan Williams wrote:

On Fri, 2008-08-01 at 17:46 -0400, Nathaniel McCallum wrote:

So I upgraded to the stuff in F9 updates-testing and it broke
NM-OpenVPN.  Particularly, the problem is routing.

Routing before the upgrade:
$ route -n | grep tun
10.254.0.1      10.254.0.9      255.255.255.255 UGH   0      0
0 tun0
10.254.0.9      0.0.0.0         255.255.255.255 UH    0      0
0 tun0

Routing after the upgrade:
$ route -n | grep tun
10.254.0.1      10.254.0.9      255.255.255.255 UGH   0      0
0 tun0
10.254.0.0      0.0.0.0         255.255.255.0   U     0      0
0 tun0


What ends up breaking here?  Do you just want traffic to 10.254.0.9 to
go out over tun0 and everything else (including all other 10.254.0.x/24)
to still go out over the local network?

Also, what does the openvpn server config look like?

The only difference between the two dumps above should be that in the
second, all 10.254.0.0/24 traffic goes out over the tunnel now.

Sorry, I think I pasted the wrong thing before.

Routing before the upgrade:
$ route -n | grep tun0
10.254.0.5      0.0.0.0         255.255.255.255 UH    0      0        0 tun0
10.254.0.1      10.254.0.5      255.255.255.255 UGH   0      0        0 tun0
10.175.211.0    10.254.0.5      255.255.255.0   UG    0      0        0 tun0

Routing after the upgrade:
$ route -n | grep tun0
10.254.0.1      10.254.0.5      255.255.255.255 UGH   0      0        0 tun0
10.254.0.0      0.0.0.0         255.255.255.0   U     0      0        0 tun0

You can see that after the update the route to 10.175.211.0/24 is gone.Using openvpn directly from the CLI, I get the same results aspre-upgrade. So apparently the new NM is dropping the 10.175.211.0/24advertised route somewhere (I've not manually configured this routeanywhere)...

There is also another bug I've found. When going into the new VPNconnection editing interface, and to IPv4 Settings I can add staticroutes. If I add a static route, when I make the connection, thegateways are always "0.0.0.0" regardless of what is in the Gateway field.


Nathaniel

Follow-Ups:
- Re: Broken OpenVPN
  - From: Dan Williams

References:
- Broken OpenVPN
  - From: Nathaniel McCallum
- Re: Broken OpenVPN
  - From: Dan Williams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]