Re: VPN Default Route

From: Dan Williams <dcbw redhat com>
To: Trey Nolen <support internetpro net>
Cc: networkmanager-list gnome org
Subject: Re: VPN Default Route
Date: Thu, 08 Jan 2009 13:19:31 -0500

On Fri, 2009-01-02 at 08:35 -0600, Trey Nolen wrote:
> 
> 
> 
> On 1/2/09 7:44 AM, "Maxim Levitsky" <maximlevitsky gmail com> wrote:
> 
> > On Fri, 2009-01-02 at 13:37 +0100, Ermanno Bonifazi wrote: > I'm
> back on the 
> > subject below.  I have just upgraded to Ubuntu 8.10 > and find
> confusing that 
> > creating a PPTP VPN all traffic is routed via > the VPN (this mean
> the default 
> > gateway is set by an automatic policy > to the VPN pppx). > > Since
> I'm using 
> > a mobile broadband modem and my PPTP VPN do not accept > all traffic
> but just 
> > the VPN traffic, all the remaing Internet traffic > should go via
> the ppp0 (in 
> > my case the mobile broadband) and not via > ppp1 (the VPN tunnell).
> > > If 
> > you leave VPN with default setting, when a VPN is started the >
> default 
> > gateway is automatically changed to VPN tunnel andf not the > the
> previous 
> > default gw (the modem). > > > I was able to achieve this behavior
> going to 
> > IPv4 setting, adding a > manual route for my VPN and checking the
> flag "Ignore 
> > automatically > obtained routes". > > I believe this may be
> confusing 
> > expecially for "standard user". I > believe something more similar
> to Windows 
> > PPTP vpn ( a check "do not > use gateway on remote network) could be
> more 
> > efficent, and will let > the user decide if they want to use the VPN
> as 
> > default gw or the > previous set default ge (in my case the modem or
> the 
> > WLAN). May be in > fact also difficult that user will know the route
> set by 
> > the VPN > server to add this information in IPV4 routes tab of NM. >
> > So far 
> > this is my understanding of the behavior, but looking on the > web,
> I've nof 
> > found a different and simpler way to achieve the > behavior I
> mention. > > 
> > Any suggestion or comment? > 
> I think I missed part of this thread, but I agree that the default
> route behavior is not ideal.  One thing that I think is important is
> that NM should restore the routes that were present when the VPN is
> disconnected.  Currently, it only restores the default route, and if
> you had any others, they are lost and have to be manually re-setup.
>   I’ve noticed that a VPN to an IPv4 network even blows away my IPv6
> routes.

0.7.1 release will have a less obscure method of making NetworkManager
never assign the default route to some interfaces.  This works for VPNs
as well, irregardless of what routes the server returns.

NM should restore the routes that you've added to the connection via the
connection editor.  Routes you manually add yourself via scripts or
whatever will not be restored, because NetworkManager has no knowledge
of them, precisely because you've added them via scripts and not via the
connection itself.

Dan

References:
- Re: VPN Default Route
  - From: Trey Nolen

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]