[lug] vpn and traceroute

Zan Lynx zlynx at acm.org
Mon May 23 13:08:24 MDT 2011


On 5/23/2011 12:59 PM, karl horlen wrote:
> sorry i got a followup question.  it seems there's a race condition
> of some kind.
> 
> if i delete the default route which is normally going out my local
> interface vs vpn interface, before i can replace the default route
> with a new route to set the default route to go through the vpn (did
> you catch that ;), the vpn connection is killed as it probably tries
> to keep alive through the local network adapter. as a matter of
> fact, the more i think about this, doesn't the vpn need the default
> route set to the local adapter so it can perform its tunneling
> correctly?
> 
> am i missing something?
> 
> what i want to do is route all http traffic over the vpn and not over
> my local network.  however when i delete default route, the vpn goes
> down.
> 
> 
> the vpn needs to communicate which it

This kind of problem is why, if at all possible, you should use an
option built into the VPN program to change the default route.

But if you are on Windows, which I think you are, then you should try
using ROUTE CHANGE instead of delete and add. That should transparently
modify the route and it won't ever be down.

Another thing that you may be able to do is to add another default route
with a better metric. That should take over as the default and when the
VPN interface goes down the route should go down too and then everything
will fall back to the regular route.

And about the crap in the Windows route table. It really does need that.
What you're seeing is hidden by default in Linux. The Linux route tables
have all the same stuff but a lot of it is in separate routing tables.

For example:
$ ip rule
0:      from all lookup 255
32766:  from all lookup main
32767:  from all lookup default

$ ip route list table 255
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast 192.168.13.0 dev eth0 proto kernel scope link src 192.168.13.128
local 192.168.13.128 dev eth0 proto kernel scope host src 192.168.13.128
broadcast 192.168.13.255 dev eth0 proto kernel scope link src 192.168.13.128
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
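
Added example, not part of the original message: a small Python model of route selection (longest prefix first, then lowest metric, ignoring routes on down interfaces) showing the delete-then-add gap, the second default route with a better metric, and the fallback when the VPN interface goes down. The addresses, the interface names eth0/vpn0, the metrics and the /32 host route to the VPN server are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    dest: str    # CIDR prefix; "0.0.0.0/0" is a default route
    dev: str     # outgoing interface
    metric: int  # lower wins among equally specific routes

def out_dev(table, up_devs, addr):
    """Interface a packet to addr leaves on, or None if there is no route.

    Routes on down interfaces are ignored; the longest matching prefix
    wins and the lowest metric breaks ties.
    """
    ip = ipaddress.ip_address(addr)
    live = [r for r in table
            if r.dev in up_devs and ip in ipaddress.ip_network(r.dest)]
    if not live:
        return None
    best = min(live, key=lambda r: (-ipaddress.ip_network(r.dest).prefixlen,
                                    r.metric))
    return best.dev

# Constructed sample data: documentation addresses, made-up interface names.
VPN_SERVER = "203.0.113.10"
WEB_HOST = "198.51.100.20"
LAN_DEFAULT = Route("0.0.0.0/0", "eth0", 20)
VPN_DEFAULT = Route("0.0.0.0/0", "vpn0", 5)             # better (lower) metric
SERVER_VIA_LAN = Route(VPN_SERVER + "/32", "eth0", 20)  # assumed host route

def gap_after_delete():
    """Default deleted, replacement not yet added: tunnel packets unroutable."""
    return out_dev([], {"eth0", "vpn0"}, VPN_SERVER)

def both_defaults():
    """Second default added: (device for web traffic, device for tunnel)."""
    table, up = [LAN_DEFAULT, VPN_DEFAULT, SERVER_VIA_LAN], {"eth0", "vpn0"}
    return out_dev(table, up, WEB_HOST), out_dev(table, up, VPN_SERVER)

def vpn_interface_down():
    """vpn0 down: its route drops out and the LAN default takes over."""
    return out_dev([LAN_DEFAULT, VPN_DEFAULT, SERVER_VIA_LAN], {"eth0"}, WEB_HOST)

if __name__ == "__main__":
    print("gap:", gap_after_delete())
    print("both defaults:", both_defaults())
    print("vpn down:", vpn_interface_down())
```

In the model the host route keeps the tunnel's own packets on eth0 because a /32 is more specific than either default route, whatever the metrics are.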



