OpenSuse 13.2. Network manager + VPN: routing table messed up

It has happened a few times, usually just after a dhcp negotiation.

The IP of the problematic PC is 192.168.2.25, its gateway is 192.168.2.128, sometimes I use a VPN (tun0) which is set up with NetworkManager (as is the normal internet connection).

This is the routing table when everything works fine:


Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.8.0.9        0.0.0.0         UG    1024   0        0 tun0
10.8.0.1        10.8.0.9        255.255.255.255 UGH   1024   0        0 tun0
10.8.0.9        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
<IP of VPN>   192.168.2.128   255.255.255.255 UGH   1      0        0 eth0
192.168.1.0     192.168.2.128   255.255.255.0   UG    1      0        0 eth0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0

After a few hours, it becomes this:


Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
<IP of VPN>  0.0.0.0         255.255.255.255 UH    1024   0        0 eth0
192.168.1.0     192.168.2.128   255.255.255.0   UG    1      0        0 eth0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0

When that happens (as I said, just after a DHCP negotiation), the logs show:


2015-04-24T02:33:00.372563+02:00 linux-vf0c NetworkManager[774]: DHCPREQUEST on eth0 to 192.168.2.128 port 67 (xid=0x7ef88965)
2015-04-24T02:33:01.723976+02:00 linux-vf0c NetworkManager[774]: DHCPACK from 192.168.2.128 (xid=0x7ef88965)
2015-04-24T02:33:01.725757+02:00 linux-vf0c NetworkManager[774]: <info> (eth0): DHCPv4 state changed renew -> renew
2015-04-24T02:33:01.726069+02:00 linux-vf0c NetworkManager[774]: <info>   address 192.168.2.25
2015-04-24T02:33:01.726371+02:00 linux-vf0c NetworkManager[774]: <info>   plen 24 (255.255.255.0)
2015-04-24T02:33:01.726681+02:00 linux-vf0c NetworkManager[774]: <info>   gateway 192.168.2.128
2015-04-24T02:33:01.726976+02:00 linux-vf0c NetworkManager[774]: <info>   server identifier 192.168.2.128
2015-04-24T02:33:01.727252+02:00 linux-vf0c NetworkManager[774]: <info>   lease time 21600
2015-04-24T02:33:01.727539+02:00 linux-vf0c NetworkManager[774]: <info>   nameserver '192.168.2.128'
(...)
2015-04-24T02:33:01.728118+02:00 linux-vf0c NetworkManager[774]: bound to 192.168.2.25 -- renewal in 10359 seconds.
2015-04-24T02:33:01.807970+02:00 linux-vf0c NetworkManager[774]: <error> [1429835581.806795] [platform/nm-linux-platform.c:1714] add_object(): Netlink error adding 0.0.0.0/0 via 10.8.0.21 dev tun0 metric 1024 mss 0 src user: Unspecific failure
2015-04-24T02:33:01.808332+02:00 linux-vf0c NetworkManager[774]: <error> [1429835581.807014] [platform/nm-linux-platform.c:1714] add_object(): Netlink error adding 0.0.0.0/0 via 10.8.0.21 dev tun0 metric 1024 mss 0 src user: Unspecific failure
2015-04-24T02:33:01.808990+02:00 linux-vf0c NetworkManager[774]: <error> [1429835581.807055] [nm-policy.c:676] update_ip4_routing(): Failed to set default route.
2015-04-24T02:33:01.809473+02:00 linux-vf0c NetworkManager[774]: inet default table main
2015-04-24T02:33:01.809832+02:00 linux-vf0c NetworkManager[774]: priority 0x400 protocol static
2015-04-24T02:33:01.810138+02:00 linux-vf0c NetworkManager[774]: nexthop via 10.8.0.21 dev 5
2015-04-24T02:33:01.810435+02:00 linux-vf0c NetworkManager[774]: inet default table main
2015-04-24T02:33:01.810744+02:00 linux-vf0c NetworkManager[774]: priority 0x400 protocol static
2015-04-24T02:33:01.811051+02:00 linux-vf0c NetworkManager[774]: nexthop via 10.8.0.21 dev 5
2015-04-24T02:33:01.820927+02:00 linux-vf0c nm-dispatcher: Dispatching action 'dhcp4-change' for eth0

(...)
2015-04-24T02:33:33.052455+02:00 linux-vf0c nm-openvpn[1135]: [TG-OVPN-CA] Inactivity timeout (--ping-restart), restarting
2015-04-24T02:33:33.052888+02:00 linux-vf0c nm-openvpn[1135]: SIGUSR1[soft,ping-restart] received, process restarting
(...)
2015-04-24T02:33:38.059063+02:00 linux-vf0c nm-openvpn[1135]: Attempting to establish TCP connection with [AF_INET]<IP of VPN>:443 [nonblock]
2015-04-24T02:33:42.061830+02:00 linux-vf0c nm-openvpn[1135]: TCP: connect to [AF_INET]<IP of VPN>:443 failed, will try again in 5 seconds: No route to host
2015-04-24T02:33:51.069848+02:00 linux-vf0c nm-openvpn[1135]: TCP: connect to [AF_INET]<IP of VPN>:443 failed, will try again in 5 seconds: No route to host
2015-04-24T02:34:00.078808+02:00 linux-vf0c nm-openvpn[1135]: TCP: connect to [AF_INET]<IP of VPN>:443 failed, will try again in 5 seconds: No route to host
(...)

To make the whole thing work again I have to manually remove the buggy routing entry (<IP of VPN> 0.0.0.0 255.255.255.255 UH 1024 0 0 eth0) and restart the VPN via the NetworkManager applet.

Does anyone have a clue as to what should I look into to fix this?

Thanks :slight_smile:

And it happened again… I guess I’m the only lucky one.

A bug report perhaps?

Done.

It’s here.
https://bugzilla.opensuse.org/show_bug.cgi?id=929463

Okay, thanks for reporting.