0

In the process of setting up a VPN client side, openvpn tries to add a route but it fails:

/usr/bin/ip route add 180.151.157.4/32 via 0.0.0.0
RTNETLINK answers: No such device

The reason why we add a static route for ip 180.151.157.4 to 0.0.0.0 must be a trick because I can't give it any sense... I has something to do with replacing the default route for what I know but I'm not sure. Someone can explain ?

Jérôme
  • 103
  • 4

1 Answers1

0

I believe that is a misconfiguration, though I'm not sure which.

Routes meant to be pushed to the client to go over the tunnel should be specified with a gateway of "gateway". Also, in iproute2, locally attached subnets aren't specified with a gateway at all, just a device.

Routes via 0.0.0.0 are null routes, meaning that the traffic should be discarded. This is normally valid. However, in the context of iproute2, I think it's preferable (maybe required?) to specify a blackhole route, i.e.

ip route add blackhole 192.0.2.1/32
Falcon Momot
  • 25,244
  • 15
  • 63
  • 92
  • Indeed, this route is added because server pushed `--redirect-gateway def1`. I changed my network settings from PPPoE to "classic" router config and the route pushed is now : `/usr/bin/ip route add 180.151.157.4/32 via 192.168.1.1`. – Jérôme Sep 08 '14 at 10:10
  • That option only pushes routes for 0.0.0.0/1 and 128.0.0.0/1... – Falcon Momot Sep 08 '14 at 17:14
  • My server push the following : PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.10.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.10.4.114 10.10.4.113' So I replaced the `pull` in my client with those commands. I tried whith `redirect-gateway` and without. The difference I noticed is in those 3 routes : /usr/bin/ip route add 119.9.85.24/32 via 192.168.1.1 /usr/bin/ip route add 0.0.0.0/1 via 10.10.4.113 /usr/bin/ip route add 128.0.0.0/1 via 10.10.4.113 – Jérôme Sep 09 '14 at 01:15