Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

routes changing !

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
mururoa
Posts: 12
Joined: 2016-11-27 12:58

routes changing !

#1 Post by mururoa »

Hi there,

I have a pretty strange routing problem but it happens every day when I use vpn.
I've checked all the routing daemon and none is active on my laptop but routes are changing.

At start I have normal routing. 2 interfaces but only one is connected. Wired connection.
For this post I will replace some informations with xxxx but they are valid on my laptop.
Let's start.
At first with only lan, Internet is ok, ns.my.lan is 192.168.0.1 :

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         ns.my.lan       0.0.0.0         UG    100    0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 eth1
Then I connect to Cisco VPN and it's still ok. Lan is working and I can reach the server @ work without any problem :

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         0.0.0.0         0.0.0.0         U     50     0        0 vpn0
default         ns.my.lan       0.0.0.0         UG    100    0        0 eth1
sslvpn1.xxxxr.fr ns.my.lan       255.255.255.255 UGH   100    0        0 eth1
172.29.0.0      0.0.0.0         255.255.0.0     U     50     0        0 vpn0
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 eth1
ns.my.lan       0.0.0.0         255.255.255.255 UH    100    0        0 eth1
So far so good, but at a random time after that. Without any action done by me routes are added somehow :

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         ns.my.lan       0.0.0.0         UG    0      0        0 eth1
default         0.0.0.0         0.0.0.0         U     50     0        0 vpn0
default         ns.my.lan       0.0.0.0         UG    100    0        0 eth1
sslvpn1.xxxx.fr ns.my.lan       255.255.255.255 UGH   100    0        0 eth1
172.29.0.0      0.0.0.0         255.255.0.0     U     50     0        0 vpn0
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 eth1
ns.my.lan       0.0.0.0         255.255.255.255 UH    0      0        0 eth1
ns.my.lan       0.0.0.0         255.255.255.255 UH    100    0        0 eth1
And so first default route is back again my home router and I cant reach any servers @work.
So far I reboot and connect to vpn once again but I would rather understand why it happens.
I tried to remove first entry and the command gives any error but route is not removed.
systemctl restart networking not correcting anything either.
Disconnect/reconnect vpn dont makes vpn0 first default route too.
No (more) dhcp client in use.
Routes added at a 'random' time between 5 minutes and several hours.
I use this laptop since months and this did not happens before like one week ago.
Where/what to look for ?

Same behavior with OpenVPN as with Cisco :

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         ns.my.lan       0.0.0.0         UG    0      0        0 eth1
default         _gateway        0.0.0.0         UG    50     0        0 tun0
default         ns.my.lan       0.0.0.0         UG    100    0        0 eth1
dsi-sense.xx ns.my.lan       255.255.255.255 UGH   100    0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 eth1
ns.my.lan       0.0.0.0         255.255.255.255 UH    0      0        0 eth1
ns.my.lan       0.0.0.0         255.255.255.255 UH    100    0        0 eth1
192.168.135.0   _gateway        255.255.255.0   UG    50     0        0 tun0
192.168.144.0   0.0.0.0         255.255.255.0   U     50     0        0 tun0

mururoa
Posts: 12
Joined: 2016-11-27 12:58

Re: routes changing !

#2 Post by mururoa »

Nobody knows ?
Amazing ...
I notice that when on pure lan the route are changing too. I did not notice this earlier since it did not cause any problem :

Code: Select all

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         ns.my.lan       0.0.0.0         UG    0      0        0 eth1
default         ns.my.lan       0.0.0.0         UG    100    0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 eth1
ns.my.lan       0.0.0.0         255.255.255.255 UH    0      0        0 eth1
Guys, what the hell, add routes while I'm using my laptop ???

p.H
Global Moderator
Global Moderator
Posts: 3049
Joined: 2017-09-17 07:12
Has thanked: 5 times
Been thanked: 132 times

Re: routes changing !

#3 Post by p.H »

Please use "ip -4 route" instead of "route" to print the routing table. If you insist in using "route", please add "-n" to print numerical addresses instead of names. Can you also show the output of "ip -4 addr" ?
mururoa wrote: 2021-10-28 07:28 Same behavior with OpenVPN as with Cisco
Not exactly : Cisco routing table #2 has a duplicate route for 192.168.0.0/255.255.255.0, OpenVPN does not.

What client software do you use to connect to the Cisco VPN ?

How is eth1 managed (network service, method) ?
Did you check in the system logs, in the process list ?
Last edited by p.H on 2021-11-02 12:01, edited 1 time in total.

mururoa
Posts: 12
Joined: 2016-11-27 12:58

Re: routes changing !

#4 Post by mururoa »

Hi,
Here is ip -4 addr :

Code: Select all

$ ip -4 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
5: eth1: <BROADCAST,MULTICAST,DYNAMIC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 192.168.0.103/24 brd 192.168.0.255 scope global dynamic noprefixroute eth1
       valid_lft 5853sec preferred_lft 5853sec
    inet 192.168.0.100/24 brd 192.168.0.255 scope global secondary noprefixroute eth1
       valid_lft forever preferred_lft forever
6: vpn0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1390 qdisc pfifo_fast state UP group default qlen 500
    inet 172.29.128.11/16 brd 172.29.255.255 scope global noprefixroute vpn0
       valid_lft forever preferred_lft forever
It seems I have 2 IPs for eth1. This may be related to the problem.

Code: Select all

$ ip -4 route
default via 192.168.0.1 dev eth1 
default dev vpn0 proto static scope link metric 50 
default via 192.168.0.1 dev eth1 proto dhcp metric 100 
134.214.244.194 via 192.168.0.1 dev eth1 proto static metric 100 
172.29.0.0/16 dev vpn0 proto kernel scope link src 172.29.128.11 metric 50 
192.168.0.0/24 dev eth1 proto kernel scope link src 192.168.0.100 
192.168.0.0/24 dev eth1 proto kernel scope link src 192.168.0.103 metric 100 
192.168.0.0/24 dev eth1 proto kernel scope link src 192.168.0.100 metric 100 
192.168.0.1 dev eth1 scope link 
192.168.0.1 dev eth1 proto static scope link metric 100 
I use the network manager applet to configure Cisco and OpenVPN connections but the routes are added even without using vpn.
Today I tried to wait until routes are added before connecting to vpn but the result is what you can see last ip route command : vpn0 cant become default route and so I cant reach servers@work.
Last edited by mururoa on 2021-11-02 09:21, edited 1 time in total.

mururoa
Posts: 12
Joined: 2016-11-27 12:58

Re: routes changing !

#5 Post by mururoa »

Okay, found something today roaming the logs and internet.
I come back to say what if routes dont popup later but I'm pretty confident that was the problem.

p.H
Global Moderator
Global Moderator
Posts: 3049
Joined: 2017-09-17 07:12
Has thanked: 5 times
Been thanked: 132 times

Re: routes changing !

#6 Post by p.H »

mururoa wrote: 2021-11-02 08:10 I use the network manager applet to configure Cisco and OpenVPN connections
But what do you use to configure and manage eth1 ? Also NetworkManager ? Or /etc/network/interfaces{,.d/*} ?
Which method ? Static or DHCP ?

Indeed eth1 has two IPv4 addresses, one seems to be static and the other is dynamic. Which is the correct one ?

mururoa
Posts: 12
Joined: 2016-11-27 12:58

Re: routes changing !

#7 Post by mururoa »

Okay I have caught the culprit.
It was connman who was fighting with NetworkManager and indeed lost at first and win at last. They both tried to manage eth1.
I dunno how come I had 2 connection managers actives at the same time ...
Anyway, I disabled connman and all is ok now :

Code: Select all

systemctl stop connman.service
systemctl disable connman.service
systemctl mask connman.service

Post Reply