Page 1 of 1
How do I set the metric?
Posted: Tue Sep 06, 2011 4:56 pm
by MikeyCarter
I have the openvpn in bridge mode on tap2 on the server. On the client side it works great, except for the rare cases the computer is actually on the same network.
Then the routing tables look like this:
default via 192.168.0.5 dev em1 proto static
192.168.0.0/23 dev tap0 proto kernel scope link src 192.168.1.215
192.168.0.0/23 dev em1 proto kernel scope link src 192.168.0.90 metric 1
192.168.0.0/23 dev wlan0 proto kernel scope link src 192.168.0.91 metric 2
The metric is set by NetworkManager for the other two but everything I've tried to get the tap0 to set has failed. I need to set the tap0 to say 100 for the metric so it doesn't try to route the local traffic through it, while still maintaining the vpn link for debugging purposes.
Re: How do I set the metric?
Posted: Wed Sep 07, 2011 12:02 pm
by janjust
if you're using NetworkManager to connect then you cannot easily change this on the client side; your best bet would be to push a route from the server with a custom metric, using e.g.
Code: Select all
push "route 192.168.0.0 255.255.254.0 vpn_gateway 100"
where 'vpn_gateway' is special openvpn keyword.
Re: How do I set the metric?
Posted: Wed Sep 07, 2011 1:14 pm
by MikeyCarter
What if your not using NetworkManager for the openvpn link?
Re: How do I set the metric?
Posted: Wed Sep 07, 2011 1:29 pm
by janjust
then you can start add
to the client side config
Re: How do I set the metric?
Posted: Wed Sep 07, 2011 1:34 pm
by MikeyCarter
Tried that and it doesn't seem to work... does Network Manager reset it if detected? or is it a problem with the:
ifconfig-push 192.168.1.215 255.255.254.0
on the server-side?
Re: How do I set the metric?
Posted: Wed Sep 07, 2011 2:05 pm
by janjust
who sets the route 192.168.0.0/23 ? the ifconfig-push does not set a route per se. I was expecting that the 192.168.0.0/23 route gets pushed from the server (you can see this in the client log when 'verb 5' is set).
Re: How do I set the metric?
Posted: Wed Sep 07, 2011 2:15 pm
by MikeyCarter
On the client side with verb 5 I get:
Sep 7 10:11:16 butterfly openvpn[25776]: PUSH: Received control message: 'PUSH_REPLY,route-gateway 192.168.0.13,ping 10,ping-restart 120,ifconfig 192.168.1.211 255.255.254.0'
Sep 7 10:11:16 butterfly openvpn[25776]: OPTIONS IMPORT: timers and/or timeouts modified
Sep 7 10:11:16 butterfly openvpn[25776]: OPTIONS IMPORT: --ifconfig/up options modified
Sep 7 10:11:16 butterfly openvpn[25776]: OPTIONS IMPORT: route-related options modified
Sep 7 10:11:16 butterfly openvpn[25776]: TUN/TAP device tap0 opened
Sep 7 10:11:16 butterfly openvpn[25776]: TUN/TAP TX queue length set to 100
Sep 7 10:11:16 butterfly openvpn[25776]: /sbin/ip link set dev tap0 up mtu 1500
Sep 7 10:11:16 butterfly openvpn[25776]: /sbin/ip addr add dev tap0 192.168.1.211/23 broadcast 192.168.1.255
I think it's the ip command that's setting the route. What's the OPTIONS IMPORT: route-related options modified?
Also the 192.168.0.0/23 is me masking my actual IP addresses but keeping what's happening consistent.
Re: How do I set the metric?
Posted: Wed Sep 07, 2011 2:19 pm
by janjust
Sep 7 10:11:16 butterfly openvpn[25776]: /sbin/ip link set dev tap0 up mtu 1500
Sep 7 10:11:16 butterfly openvpn[25776]: /sbin/ip addr add dev tap0 192.168.1.211/23 broadcast 192.168.1.255
this output is only for the tap0 interface itself - no routes are set at that time; is there anything else in the client log (ip route add) ?
Re: How do I set the metric?
Posted: Wed Sep 07, 2011 2:36 pm
by MikeyCarter
no. right after the last message I sent is:
Sep 7 10:11:16 butterfly openvpn[25776]: Initialization Sequence Completed
There's nothing after that.
Re: How do I set the metric?
Posted: Wed Sep 07, 2011 3:36 pm
by janjust
then I'm *very* curious where the 192.168.0.0/23 route via tap0 came from - can you try it without NetworkManager running?