Re: openvpn fixes against svn 3140

From: Jon Escombe <lists dresco co uk>
To: Dan Williams <dcbw redhat com>
Cc: networkmanager-list gnome org
Subject: Re: openvpn fixes against svn 3140
Date: Thu, 6 Dec 2007 12:53:06 +0000 (GMT)

----- "Dan Williams" <dcbw redhat com> wrote:
> > -- Initiating the openvpn connection through NM gives me this:
> > 
> > # ip route
> > default dev tap0  scope link
> > 
> > so it changes the default route from ppp0 to tap0, but doesn't retain a 
> > specific route to the VPN server over ppp0 - so the tunnel stalls. Also 
> > doesn't add a gateway (however - this may be related to the problem above).
> 
> With vpnc this definitely isn't a problem; that's what the "gateway"
> address bits are for.  NM will ensure that there is always a route to
> the VPN server via the connected interface.  That's how it should work
> in openvpn too, but maybe openvpn plugin isn't setting the right bits in
> NMIP4Config?
> 
> Dan

Ok, that problem must be related to the ppp connection. I've just connected from another site and been more successful.

openvpn from NM:

82.x.x.174 via 192.168.10.1 dev wlan0 
192.168.10.0/24 dev wlan0  proto kernel  scope link  src 192.168.10.10 
default dev tap0  scope link 

openvpn from command line:

82.x.x.174 via 192.168.10.1 dev wlan0 
192.168.1.0/24 dev tap0  proto kernel  scope link  src 192.168.1.95 
192.168.10.0/24 dev wlan0  proto kernel  scope link  src 192.168.10.10 
default via 192.168.1.1 dev tap0 

Looking at the relevant output from each case 

nm-openvpn[13453]: /sbin/ip link set dev tap0 up mtu 1500
nm-openvpn[13453]: /sbin/ip addr add dev tap0 192.168.1.95/24 broadcast 192.168.1.255
nm-openvpn[13453]: /usr/bin/nm-openvpn-service-openvpn-helper tap0 1500 1574 192.168.1.95 255.255.255.0 init
nm-openvpn[13453]: /sbin/ip route add 82.x.x.174/32 via 192.168.10.1
nm-openvpn[13453]: ERROR: Linux route add command failed: shell command exited with error status: 2
nm-openvpn[13453]: /sbin/ip route del 0.0.0.0/0
nm-openvpn[13453]: /sbin/ip route add 0.0.0.0/0 via 192.168.1.1
nm-openvpn[13453]: Initialization Sequence Completed

/sbin/ip link set dev tap0 up mtu 1500
/sbin/ip addr add dev tap0 192.168.1.95/24 broadcast 192.168.1.255
/sbin/ip route add 82.x.x.174/32 via 192.168.10.1
/sbin/ip route del 0.0.0.0/0
/sbin/ip route add 0.0.0.0/0 via 192.168.1.1
Initialization Sequence Completed

So the only thing that looks different is that one of the route additions fails, and this was also the case in 6.5. I've no idea why as the commands are exactly the same? I'll try to debug the ppp case further, see what's different there that it's not liking..

Regards,
Jon

References:
- Re: openvpn fixes against svn 3140
  - From: Dan Williams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]