Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: John A. Sullivan III <jsullivan <at> opensourcedevel.com>
Subject: Re: 128.0.0.0/1 route
Newsgroups: gmane.network.openvpn.user
Date: Saturday 28th August 2010 17:57:18 UTC (over 6 years ago)
On Sat, 2010-08-28 at 19:36 +0200, Oliver Kindernay wrote:
> Hi list!
> 
> I am tunneling all my traffic through openvpn tunnel. Server
> configuration looks like this:
> 
> server 172.16.0.0 255.255.255.0
> push "redirect-gateway def1"
> 
> I am sending just relevant sections no whole configuration file. It
> works fine, this is how routing table on client looks like
> 
> Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
> 94.2X9.3X.1X3   192.168.1.1     255.255.255.255 UGH   0      0        0
eth0
> 172.16.0.0      0.0.0.0         255.255.255.0   U     0      0        0
tap0
> 192.168.1.0     0.0.0.0         255.255.255.0   U     202    0        0
eth0
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0
lo
> 0.0.0.0         172.16.0.1      128.0.0.0       UG    0      0        0
tap0
> 128.0.0.0       172.16.0.1      128.0.0.0       UG    0      0        0
tap0
> 0.0.0.0         192.168.1.1     0.0.0.0         UG    202    0        0
eth0
> 
> or if you like output from ip command more (I do)
> 
> 94.2X9.3X.1X3 via 192.168.1.1 dev eth0
> 172.16.0.0/24 dev tap0  proto kernel  scope link  src 172.16.0.2
> 192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.11 
metric 202
> 127.0.0.0/8 dev lo  scope link
> 0.0.0.0/1 via 172.16.0.1 dev tap0
> 128.0.0.0/1 via 172.16.0.1 dev tap0
> default via 192.168.1.1 dev eth0  metric 202
> 
> What confused me is 128.0.0.0/1 entry. Why is it here? That's a mystery
for me.
> 
> Thank you for explaining :)

As far as I understand, it is a pretty clever way of replacing your
default route without replacing the original default route.  Between
0.0.0.0/128.0.0.0 and 128.0.0.0/128.0.0.0, one covers all possible
addresses.  Since these are more specific routes than 0.0.0.0/0.0.0.0,
they take precedence.  When OVPN is finished, it deletes these entries
and now 0.0.0.0/0.0.0.0 handles default routing - John


------------------------------------------------------------------------------
Sell apps to millions through the Intel(R) Atom(Tm) Developer Program
Be part of this innovative community and reach millions of netbook users 
worldwide. Take advantage of special opportunities to increase revenue and 
speed time-to-market. Join now, and jumpstart your future.
http://p.sf.net/sfu/intel-atom-d2d
 
CD: 2ms