Bug 402695 - NetworkManager: routing behaves strangely when using vpn connections
Summary: NetworkManager: routing behaves strangely when using vpn connections
Status: RESOLVED DUPLICATE of bug 402495
Alias: None
Product: openSUSE 11.0
Classification: openSUSE
Component: Network (show other bugs)
Version: Final
Hardware: Other Other
: P5 - None : Normal (vote)
Target Milestone: ---
Assignee: Helmut Schaa
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-06-23 09:47 UTC by Ulrich Derenthal
Modified: 2008-06-26 11:43 UTC (History)
0 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ulrich Derenthal 2008-06-23 09:47:12 UTC 
I have a vpnc and an openvpn connection. Both work from the command line.

After configuring them in KNetworkManager, I try to connect them. On the command line, the routes seem to be set up:

Before connection:

> /sbin/route -n
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.2.1     0.0.0.0         UG    0      0        0 wlan0

Immediately after connection:

> /sbin/route -n
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
134.76.83.44    192.168.2.1     255.255.255.255 UGH   0      0        0 wlan0
10.108.108.0    0.0.0.0         255.255.255.0   U     0      0        0 tun0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.2.1     0.0.0.0         UG    0      0        0 wlan0

A bit later:

> /sbin/route -n
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
134.76.83.44    192.168.2.1     255.255.255.255 UGH   0      0        0 wlan0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 tun0

I am not sure whether there should be this change. But I can surf the web, and
websites that check my ip tell me that I have the vpn one.

Also there is this device:

> /sbin/ifconfig

tun0      Link encap:UNSPEC  Hardware Adresse
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet Adresse:10.108.108.66  P-z-P:10.108.108.65  Maske:255.255.255.0
          UP PUNKTZUPUNKT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:1188 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1129 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 Sendewarteschlangenlänge:100
          RX bytes:1096510 (1.0 Mb)  TX bytes:138553 (135.3 Kb)

It is unclear to me how I should use KNetworkManager to disconnect now. But
selection the same vpn connection again seems to do the job: afterwards, tun0
is gone, and:

> /sbin/route -n
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.2.1     0.0.0.0         UG    0      0        0 wlan0

Similarly, with the vpnc connection, I get:

first

> /sbin/route -n
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
130.60.5.139    192.168.2.1     255.255.255.255 UGH   0      0        0 wlan0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
130.60.204.0    0.0.0.0         255.255.252.0   U     0      0        0 tun0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.2.1     0.0.0.0         UG    0      0        0 wlan0

then

> /sbin/route -n
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
130.60.5.138    192.168.2.1     255.255.255.255 UGH   0      0        0 wlan0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 tun0

and 

tun0      Link encap:UNSPEC  Hardware Adresse
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet Adresse:130.60.204.43  P-z-P:130.60.204.43  Maske:255.255.252.0
          UP PUNKTZUPUNKT RUNNING NOARP MULTICAST  MTU:1412  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 Sendewarteschlangenlänge:500
          RX bytes:0 (0.0 b)  TX bytes:109 (109.0 b)

And it works fine, but KNetworkManager does not tell me that I am connected.

Selecting the same connection again (in "Starte VPN-Verbindung"):

first:

> /sbin/route -n
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.2.1     0.0.0.0         UG    0      0        0 wlan0

but a bit later

> /sbin/route -n
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
130.60.5.138    192.168.2.1     255.255.255.255 UGH   0      0        0 wlan0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 tun0

with tun0 having disappeared in /sbin/ifconfig

and a few seconds later

> /sbin/route -n
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.2.1     0.0.0.0         UG    0      0        0 wlan0

and everything seems to be back to normal: I can surf the web with my original
IP.
Comment 1 Helmut Schaa 2008-06-23 09:52:49 UTC 
Maybe Tambet knows more about the VPN integration :)
Comment 3 Tambet Ingo 2008-06-26 11:12:26 UTC 
The VPN route handling is a bit broken in NM right now, the routes returned from the VPN server are sometimes ignored, sometimes aren't. I have fixed this in upstream, but we can't fix it for 11.0 since it would change some api and might break some vpn backends. (FWIW, it's always been broken with NM and in order to make it work reliably, people should specify the static vpn routes at the vpn configuration window.)

The new bug here is the "And it works fine, but KNetworkManager does not tell me that I am connected." part: sounds to me like knm does not notice the VPN service is activated.
Comment 4 Helmut Schaa 2008-06-26 11:43:10 UTC 
Thanks Tambet.

(In reply to comment #3 from Tambet Ingo)
> The new bug here is the "And it works fine, but KNetworkManager does not tell
> me that I am connected." part: sounds to me like knm does not notice the VPN
> service is activated.

Closing as duplicate of bug #402495.

*** This bug has been marked as a duplicate of bug 402495 ***