I'm using openSUSE as a router. eth0 is the WAN NIC, eth1 is the LAN NIC. I also have a tun10 device, which I'm using with an OpenVPN client connection.
I want YaST routes to specify what traffic has to go out over the OpenVPN tunnel. All other traffic should continue to go out over eth0 (the default route). That's why I'm using route-nopull, since the OpenVPN server pushes a default route for 0.0.0.0/32.
However, I don't see the routes defined in YaST show up in route -n. How can I make them work?
The IP addresses below are made up (except the one for whatismyip.com).
OpenVPN client.conf
some excerpts
YaST network settings -> routing
default gateway: 101.102.103.104
device: eth0
routes: (just one example)
route -n
output
The marked lines only show up when I start the VPN tunnel without route-nopull.
As far as I know, YaST will not create those rules for you. If you really want to use YaST, I can not help - but if you only want to make your routes work, try this:
Add a route option to your OpenVPN client configuration (see the OpenVPN man page at --route for details). That way the routes will be added after a successful connection is made with OpenVPN.
For example:
route 141.101.120.15 255.255.255.255 10.20.30.40
This turns out to be harder than I thought. The routes I want to delete are the '!' rejected routes, but I can't seem to formulate the right 'route del' command to pull it off.
Here is the routing table...
I have two entries for 192.168.46.79 and 10.1.0.0. These are auto-generated by the little Linux based router I'm using. I can ping the IPSEC tunnels from the shell itself, but traffic from the LAN takes the second route (the rejected '!' or '!H' route) for reasons I simply don't understand.
With the route -n command you'll obtain
sudo route del -net 0.0.0.0 gw 192.168.178.1 netmask 0.0.0.0 dev eth0
you'll get all parameters respectively from above
The types of the routes with the ! flag are either unreachable or prohibit. route, being an ancient utility from net-tools, does not differentiate between the two. Use iproute2.
The net-tools way to delete these routes would be to use route del on it. However, net-tools provides no way to differentiate between the rejected route and the other one (because the dev argument is optional, though not specifying a device is likely to remove the unreachable route).
iproute2 allows you to do it like this:
It might not be unreachable, but prohibit. Use ip route with no arguments to determine which.
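Added example, not part of the original answers: a shell helper that reads `ip route show` output and prints the exact `ip route del` command for each reject-type route, keeping the route type and metric so the usable route for the same prefix is not touched. The function names, the `ipsec0` device and the sample table are constructed for illustration; only the prefixes, metric and gateway come from the thread.

```shell
#!/bin/sh
# Added example (not from the original thread). Reads `ip route show` output on
# stdin and prints one exact `ip route del` command per reject-type route, so
# the unreachable/prohibit entry is removed and the working route is left alone.
# It only prints commands; nothing is deleted until you run them yourself.

reject_route_del_cmds() {
    awk '
    $1 == "unreachable" || $1 == "prohibit" || $1 == "blackhole" {
        cmd = "ip route del " $1 " " $2
        # Carry the metric over so the right entry is matched when two
        # routes share the same prefix.
        for (i = 3; i < NF; i++)
            if ($i == "metric") cmd = cmd " metric " $(i + 1)
        print cmd
    }'
}

# Constructed sample, modelled on the table described in the question:
# each prefix appears twice, once as a usable route and once as a reject route.
sample_routes() {
    cat <<'EOF'
default via 192.168.178.1 dev eth0
10.1.0.0/16 dev ipsec0 scope link
unreachable 10.1.0.0/16 metric 2
192.168.46.79 dev ipsec0 scope link
prohibit 192.168.46.79 metric 2
192.168.178.0/24 dev eth0 proto kernel scope link src 192.168.178.20
EOF
}

# Show the commands for the sample table when run directly.
sample_routes | reject_route_del_cmds
```

On a live system, feed it real data with `ip route show | reject_route_del_cmds` and review the printed commands before running them, since reject routes for tunnel subnets are often what stops traffic leaving in the clear when the tunnel is down.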
I think it's this: route del -net 10.1.0.0 netmask 255.255.0.0 metric 2
I'm not 100% certain. But, I think you've got something else goofy going on since you have 2 default routes.
Please see if there is a 'device config file' under /etc/network/interfaces.d/ -> I had eht0!! Really, it was eht0 and not eth0 there!