Hello, i have a little question. My system: ip route: 0.0.0.0/1 via 10.8.0.5 dev tun0 default via 192.168.2.1 dev br0 proto static metric 425 10.8.0.1 via 10.8.0.5 dev tun0 10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6 88.198.140.127 via 192.168.2.1 dev br0 192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.101 metric 425 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 traceroute gmx.de traceroute to gmx.de (213.165.65.60), 30 hops max, 60 byte packets 1 Speedport.ip (192.168.2.1) 0.578 ms 0.662 ms 0.859 ms ^C [root at h1 ~]# traceroute spiegel.de traceroute to spiegel.de (62.138.116.3), 30 hops max, 60 byte packets 1 10.8.0.1 (10.8.0.1) 35.009 ms 34.982 ms 34.956 ms Why the routing is different, in first case over br0 in second over the vpn device? How can i disable "push default route" from the server-directive on client-side in OpenVPN? I want, that only traffic, incoming over tun0 routing back over tun0. Is this possible with firewalld-cmd? Thx. Gr??e Axel
> ip route: > 0.0.0.0/1 via 10.8.0.5 dev tun0 > default via 192.168.2.1 dev br0 proto static metric 425 > 10.8.0.1 via 10.8.0.5 dev tun0 > 10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6 > 88.198.140.127 via 192.168.2.1 dev br0 > 192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.101 > metric 425 > 192.168.122.0/24 dev virbr0 proto kernel scope link src > 192.168.122.1 > > > traceroute gmx.de > traceroute to gmx.de (213.165.65.60), 30 hops max, 60 byte packets > 1 Speedport.ip (192.168.2.1) 0.578 ms 0.662 ms 0.859 ms > ^C > > [root at h1 ~]# traceroute spiegel.de > traceroute to spiegel.de (62.138.116.3), 30 hops max, 60 byte packets > 1 10.8.0.1 (10.8.0.1) 35.009 ms 34.982 ms 34.956 ms > > Why the routing is different, in first case over br0 in second over > the vpn device?Have no idea what 0.0.0.0/1 is, but 62.138.116.3 is part of 0.0.0.0/1 and 213.165.65.60 is not.
Hello, there is one route missing: 128.0.0.0/1. config client: route-nopull redirect-gateway def1 bypass-dhcp best regards Helmut Viele Gr??e Helmut Drodofsky Internet XS Service GmbH He?br?hlstra?e 15 70565 Stuttgart Gesch?ftsf?hrung Dr.-Ing. Roswitha Hahn-Drodofsky HRB 21091 Stuttgart USt.ID: DE190582774 Tel. 0711 781941 0 Fax: 0711 781941 79 Mail: info at internet-xs.de www.internet-xs.de Am 06.12.2015 um 20:26 schrieb Axel Glienke:> Hello, > > i have a little question. > > My system: > > ip route: > 0.0.0.0/1 via 10.8.0.5 dev tun0 > default via 192.168.2.1 dev br0 proto static metric 425 > 10.8.0.1 via 10.8.0.5 dev tun0 > 10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6 > 88.198.140.127 via 192.168.2.1 dev br0 > 192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.101 > metric 425 > 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 > > > traceroute gmx.de > traceroute to gmx.de (213.165.65.60), 30 hops max, 60 byte packets > 1 Speedport.ip (192.168.2.1) 0.578 ms 0.662 ms 0.859 ms > ^C > > [root at h1 ~]# traceroute spiegel.de > traceroute to spiegel.de (62.138.116.3), 30 hops max, 60 byte packets > 1 10.8.0.1 (10.8.0.1) 35.009 ms 34.982 ms 34.956 ms > > Why the routing is different, in first case over br0 in second over > the vpn device? > > > How can i disable "push default route" from the server-directive on > client-side in OpenVPN? > I want, that only traffic, incoming over tun0 routing back over tun0. > Is this possible with firewalld-cmd? > > Thx. > > Gr??e > > Axel > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos
Helmut Drodofsky wrote:> Hello, > > there is one route missing: > > 128.0.0.0/1. >Did you mean 127.0.0.0? mark> config client: > route-nopull > redirect-gateway def1 bypass-dhcp > > best regards > Helmut > > Viele Gr??e > Helmut Drodofsky > > Internet XS Service GmbH > He?br?hlstra?e 15 > 70565 Stuttgart > > Gesch?ftsf?hrung > Dr.-Ing. Roswitha Hahn-Drodofsky > HRB 21091 Stuttgart > USt.ID: DE190582774 > Tel. 0711 781941 0 > Fax: 0711 781941 79 > Mail: info at internet-xs.de > www.internet-xs.de > > Am 06.12.2015 um 20:26 schrieb Axel Glienke: >> Hello, >> >> i have a little question. >> >> My system: >> >> ip route: >> 0.0.0.0/1 via 10.8.0.5 dev tun0 >> default via 192.168.2.1 dev br0 proto static metric 425 >> 10.8.0.1 via 10.8.0.5 dev tun0 >> 10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6 >> 88.198.140.127 via 192.168.2.1 dev br0 >> 192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.101 >> metric 425 >> 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 >> >> >> traceroute gmx.de >> traceroute to gmx.de (213.165.65.60), 30 hops max, 60 byte packets >> 1 Speedport.ip (192.168.2.1) 0.578 ms 0.662 ms 0.859 ms >> ^C >> >> [root at h1 ~]# traceroute spiegel.de >> traceroute to spiegel.de (62.138.116.3), 30 hops max, 60 byte packets >> 1 10.8.0.1 (10.8.0.1) 35.009 ms 34.982 ms 34.956 ms >> >> Why the routing is different, in first case over br0 in second over >> the vpn device? >> >> >> How can i disable "push default route" from the server-directive on >> client-side in OpenVPN? >> I want, that only traffic, incoming over tun0 routing back over tun0. >> Is this possible with firewalld-cmd? >> >> Thx. >> >> Gr??e >> >> Axel >> >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> https://lists.centos.org/mailman/listinfo/centos > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >