difference between IPd and Andoid routing

[red321]

Hi all, second attempt : Wrote a detailed post that got lost when posted (

Summary:

Ios (iPAd air 2 with 8.2) and android clients (nexus 5 with 5.1) connecting to a Ubuntu OpenVPN-as server behind a DSL router. with a 192.168.1.0/24 LAN subnet. I'm on holiday, accessing my home network and Home LAN servers.

Setup to allow Internet and DNS access through the tunnel, and access to the Home Lan Servers.

All is good when the remote ( Hotel/Hotspot) LAN subnet is different from the Home LAN.

When the hotel or Hotspot uses 192.168.1.0/24, the iPad routes all 192.168.1.0/24 to the hotspot LAN, so HomeLAN services are unreachable. I was confused by the fact DNS which was pointed at 192.168.1.254 as the DSL router still worked. Turned out the DNS was being successfully resolved via the Hotspot LAN as it also proxied vis the same address.

The android client happily routes everything via the tunnel, and works as I wish it to.

IS this a known feature/intentional ? The ipad is hard to diagnose as there is no access to the tools I would usually use, and I cant add routes to it, so I eventually found I could modify the wifi IP address to a /32 and then everything went down the tunnel, job done.But it was hard to diagnose, and I cant see any way to get the android behaviour on the IOs client

[Traffic]

When the hotel or Hotspot uses 192.168.1.0/24, the iPad routes all 192.168.1.0/24 to the hotspot LAN, so HomeLAN services are unreachable.
<..>
IS this a known feature/intentional ?

It is called a routing conflict and you can resolve it best by changing your home LAN to a more unique subnet e.g 10.73.49.0/24 or any other RFC1918 compliant subnet. Never use 192.168.0 or .1 or .2 etc

[red321]

Thanks for the reply. I get the routing conflict, and why changing homeLan would be a good idea. I also get that the simplest answer is the best for practical reasons.

But the Geek in me wants to understand,

Why the Android client has different behaviour ? I can see the routing table on my android device and it is simply two entries, with no explicit default route in my case

192.168.1.0/24 WLAN0
172.27.232.0/24 tun0

but as I said, all 192.168.1.0/24 traffic apart from the wlan allocated address, and the router itself (192.168.1.254) as a connected route I assume, go over the tunnel, so the rest of the /24 is tunnelled.
I can't see the routing table for the ios device
If its "just how routing works on iOS compared with Android", i'll leave the conversation here but if its configurable, then I would like to change it.

[ABauer]

Hi,

please let me try to explain the situation, you are facing right now:

The network setup looks like this:

192.168.1.0/24 (Public Wifi) --> 172.27.232.0/24 (VPN-Server network) --> 192.168.1.0/24 (Home LAN)

Because of the way IP routing work you would have to set a route like this:
(I'll write it in text for better understanding)

- "You can reach my home LAN, via the VPN-Server network gateway" -- 192.168.1.0/24 --> 172.27.232.1 (gateway ip address)

But this conflicts with the routing, which you already have on your device and which is needed:

- "You can reach the Public Wifi locally" -- 192.168.1.0/24 --> local

Is is a bit clearer now?

The best way to resolv this, is to follow the advice of "Traffic".


€dit: After writing this, I've seen, that you were asking explicitly about the differences between iOS and Android.
Concerning this, I can only guess.
But as they are both based on Unix/Linux I think they won't behave very differently in general.
My best guess, is that iOS and Android have a different order of the routes in the routing table. This could make the difference.