my topo
traceroute output from op4 to op7
log of op3
log of op5
my traffic should go through openvpn,not static route,how to fix it
openwrt openvpn
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
- ordex
- OpenVPN Inc.
- Posts: 444
- Joined: Wed Dec 28, 2016 2:32 am
- Location: IRC #openvpn-devel @ libera.chat
Re: openwrt openvpn
let's say this is "unrelated" to OpenVPN.
You scenario can be reformulated as if op3 and op5 have two ways to reach each other:
* direct link (in your case this is the VPN)
* via switch
op3 decides which link to route traffic through based on its own routing table.
In your case it is likely that the route via switch has a lower metric (higher prio) compared to the one over othe VPN link.
Depending on your needs, you can either:
1) change the metric to invert the priority or
2) use policy routing to route only specific traffic over the VPN link.
If you go with 1), make sure a static route towards the other VPN peer is installed (otherwise op3 would try to reach op5 via the tunnel and the VPN would break).
If you have troubles understanding the description above, please paste your routing tables and I can help pointing out the issue.
You scenario can be reformulated as if op3 and op5 have two ways to reach each other:
* direct link (in your case this is the VPN)
* via switch
op3 decides which link to route traffic through based on its own routing table.
In your case it is likely that the route via switch has a lower metric (higher prio) compared to the one over othe VPN link.
Depending on your needs, you can either:
1) change the metric to invert the priority or
2) use policy routing to route only specific traffic over the VPN link.
If you go with 1), make sure a static route towards the other VPN peer is installed (otherwise op3 would try to reach op5 via the tunnel and the VPN would break).
If you have troubles understanding the description above, please paste your routing tables and I can help pointing out the issue.