Why are routes only pushed to clients with static IP's

Post by CodeNinja » Mon Sep 14, 2020 7:16 am

I need to setup a OpenVPN network which will probably grow to a serval hundreds of clients in the next few months. Some of the clients are servers and others are devices that need services, hosted on the server(s).

The idea is to use a network where all clients are into. The servers should have a static VPN IP in the range - and the other clients should have DHCP VPN IP's in the range - The OpenVPN server (currently 1) has IP

To distribute the static "server" IP's, i uncommented client-config-dir in the OpenVPN server.conf , created a config file for each server in ccd with the servers CN name as filename and added route to server.conf. Each client file contains something like this:
Server Config

// For each client that should get an static ip
ifconfig-push 10.10.0.x

When i try to ping from one of the servers with an static VPN IP, i the ping is successfull.

For the DHCP clients i set some configurations in server.conf
Server config

dev tun
proto udp
dev tun
mode server
push "route-gateway"
push "route"

The clients connect correctly and get an IP in the expected range (e.g but when i try to ping to, the ping times out. When i check the gateways with route -n i see that the wrong gateway is set:

Code: Select all

root@somedevice:/home/pi# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface         UG    202    0        0 eth0 UH    0      0        0 tun0    <-- should be ?   U     202    0        0 eth0
When i add the gateway manually route add tun0 i'm able to ping the VPN server. I still cannot ping the servers (e.g. When i check routel, i notice that the a route to is missing.

Code: Select all

root@somedevice:/home/pi# routel
         target            gateway          source    proto    scope    dev tbl
        default     dhcp            eth0                                                 link   tun0                   kernel     link   tun0 24               dhcp     link   eth0              local   kernel     host   tun0 local          broadcast   kernel     link   eth0 local              local   kernel     host   eth0 local          broadcast   kernel     link   eth0 local          broadcast   kernel     link     lo local 8            local   kernel     host     lo local              local   kernel     host     lo local          broadcast   kernel     link     lo local
            ::1                                      kernel              lo
        fe80::/ 64                                   kernel            eth0
        fe80::/ 64                                   kernel            tun0
            ::1              local                   kernel              lo local
fe80::65cf:ce3:fc9f:20fa              local                   kernel            eth0 local
fe80::c648:ccba:8f47:86b7              local                   kernel            tun0 local
        ff00::/ 8                                                      eth0 local
        ff00::/ 8                                                      tun0 local
When i add this route manually ip route add via i can ping the servers (e.g. :-D


I noticed that the routes that i try to push to the clients ([quote]push "route-gateway"[/quote] and [quote]push "route"[/quote]) are only pushed to clients with static ip's but not to the one's with an DHCP IP. How can i also push the route(s) and gateway to the DHCP clients as well?
Re: Why are routes only pushed to clients with static IP's

Post by TinCanTech » Mon Sep 14, 2020 11:56 am

