[Bug 1489578] [NEW] Default route for IPv6 not being set correctly

nemith Thu, 27 Aug 2015 12:41:27 -0700

Public bug reported:

After connecting to an openconnect VPN IPv4 and IPv6 default routes
should be updated to go through the VPN instead of directly out any
physical nic.


I have found this works fine for IPv4.
IPv4 Before connecting
````
ip route listmtr
default via 10.10.4.1 dev eth1
default via 10.10.4.1 dev eth1  proto static  metric 1024
10.10.4.0/24 dev eth1  proto kernel  scope link  src 10.10.4.195
169.254.0.0/16 dev eth1  scope link  metric 1000
172.26.12.0/22 dev wlan0  proto kernel  scope link  src 172.26.12.122
192.168.12.165 via 172.26.12.1 dev wlan0  proto dhcp  metric 10
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1
```

IPv4 After
```
default dev vpn0  proto static  scope link  metric 1024
10.10.4.0/24 dev eth1  proto kernel  scope link  src 10.10.4.195
169.254.0.0/16 dev eth1  scope link  metric 1000
172.26.12.0/22 dev wlan0  proto kernel  scope link  src 172.26.12.122
172.26.112.0/20 dev vpn0  proto kernel  scope link  src 172.26.125.30
192.168.12.165 via 172.26.12.1 dev wlan0  proto dhcp  metric 10
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1
199.201.64.20 via 10.10.4.1 dev eth1  proto static  metric 1
```

With IPv6 the VPN route is added but with the same metric so no traffic
is ever taking the tunnel for IPv6.   If i use the command line
openconnect tool (bypassing network-manager) it installs a default route
with a metric of 1 (still does not remove the other route) which allows
tunneling.

IPv6 Before:
```
2620:10d:c081:1103::/64 dev wlan0  proto kernel  metric 256  expires 603730sec
fe80::/64 dev eth1  proto kernel  metric 256
fe80::/64 dev wlan0  proto kernel  metric 256
default via fe80::5:73ff:fea0:c2a dev wlan0  proto static  metric 1024
```

IPv6 After:
```
2620:10d:c081:1103::/64 dev wlan0  proto ra  metric 10
2620:10d:c081:1110::/64 dev vpn0  proto kernel  metric 256
fe80::/64 dev eth1  proto kernel  metric 256
fe80::/64 dev wlan0  proto kernel  metric 256
default via fe80::5:73ff:fea0:c2a dev wlan0  proto static  metric 1024
default dev vpn0  proto static  metric 1024
```

ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: network-manager-openconnect 0.9.10.0-1ubuntu2
ProcVersionSignature: Ubuntu 3.19.0-26.28-generic 3.19.8-ckt4
Uname: Linux 3.19.0-26-generic x86_64
ApportVersion: 2.17.2-0ubuntu1.3
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Aug 27 13:18:57 2015
InstallationDate: Installed on 2015-08-03 (24 days ago)
InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422)
SourcePackage: network-manager-openconnect
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: network-manager-openconnect (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug third-party-packages vivid

** Description changed:

  After connecting to an openconnect VPN IPv4 and IPv6 default routes
  should be updated to go through the VPN instead of directly out any
  physical nic.
  
  I have found this works fine for IPv4.
  IPv4 Before connecting
  ````
- ip route listmtr 
- default via 10.10.4.1 dev eth1 
- default via 10.10.4.1 dev eth1  proto static  metric 1024 
- 10.10.4.0/24 dev eth1  proto kernel  scope link  src 10.10.4.195 
- 169.254.0.0/16 dev eth1  scope link  metric 1000 
- 172.26.12.0/22 dev wlan0  proto kernel  scope link  src 172.26.12.122 
- 192.168.12.165 via 172.26.12.1 dev wlan0  proto dhcp  metric 10 
- 192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1 
+ ip route listmtr
+ default via 10.10.4.1 dev eth1
+ default via 10.10.4.1 dev eth1  proto static  metric 1024
+ 10.10.4.0/24 dev eth1  proto kernel  scope link  src 10.10.4.195
+ 169.254.0.0/16 dev eth1  scope link  metric 1000
+ 172.26.12.0/22 dev wlan0  proto kernel  scope link  src 172.26.12.122
+ 192.168.12.165 via 172.26.12.1 dev wlan0  proto dhcp  metric 10
+ 192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1
  ```
  
  IPv4 After
  ```
- default dev vpn0  proto static  scope link  metric 1024 
- 10.10.4.0/24 dev eth1  proto kernel  scope link  src 10.10.4.195 
- 169.254.0.0/16 dev eth1  scope link  metric 1000 
- 172.26.12.0/22 dev wlan0  proto kernel  scope link  src 172.26.12.122 
- 172.26.112.0/20 dev vpn0  proto kernel  scope link  src 172.26.125.30 
- 192.168.12.165 via 172.26.12.1 dev wlan0  proto dhcp  metric 10 
- 192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1 
- 199.201.64.20 via 10.10.4.1 dev eth1  proto static  metric 1 
+ default dev vpn0  proto static  scope link  metric 1024
+ 10.10.4.0/24 dev eth1  proto kernel  scope link  src 10.10.4.195
+ 169.254.0.0/16 dev eth1  scope link  metric 1000
+ 172.26.12.0/22 dev wlan0  proto kernel  scope link  src 172.26.12.122
+ 172.26.112.0/20 dev vpn0  proto kernel  scope link  src 172.26.125.30
+ 192.168.12.165 via 172.26.12.1 dev wlan0  proto dhcp  metric 10
+ 192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1
+ 199.201.64.20 via 10.10.4.1 dev eth1  proto static  metric 1
  ```
  
  With IPv6 the VPN route is added but with the same metric so no traffic
  is ever taking the tunnel for IPv6.   If i use the command line
  openconnect tool (bypassing network-manager) it installs a default route
  with a metric of 1 (still does not remove the other route) which allows
  tunneling.
  
- 
  IPv6 Before:
  ```
  2620:10d:c081:1103::/64 dev wlan0  proto kernel  metric 256  expires 603730sec
- fe80::/64 dev eth1  proto kernel  metric 256 
- fe80::/64 dev wlan0  proto kernel  metric 256 
- default via fe80::5:73ff:fea0:c2a dev wlan0  proto static  metric 1024 
+ fe80::/64 dev eth1  proto kernel  metric 256
+ fe80::/64 dev wlan0  proto kernel  metric 256
+ default via fe80::5:73ff:fea0:c2a dev wlan0  proto static  metric 1024
  ```
  
  IPv6 After:
  ```
- 2620:10d:c081:1103::/64 dev wlan0  proto ra  metric 10 
- 2620:10d:c081:1110::/64 dev vpn0  proto kernel  metric 256 
- fe80::/64 dev eth1  proto kernel  metric 256 
- fe80::/64 dev wlan0  proto kernel  metric 256 
- default via fe80::5:73ff:fea0:c2a dev wlan0  proto static  metric 1024 
- default dev vpn0  proto static  metric 1024 
+ 2620:10d:c081:1103::/64 dev wlan0  proto ra  metric 10
+ 2620:10d:c081:1110::/64 dev vpn0  proto kernel  metric 256
+ fe80::/64 dev eth1  proto kernel  metric 256
+ fe80::/64 dev wlan0  proto kernel  metric 256
+ default via fe80::5:73ff:fea0:c2a dev wlan0  proto static  metric 1024
+ default dev vpn0  proto static  metric 1024
  ```
  
  ProblemType: Bug
  DistroRelease: Ubuntu 15.04
  Package: network-manager-openconnect 0.9.10.0-1ubuntu2
  ProcVersionSignature: Ubuntu 3.19.0-26.28-generic 3.19.8-ckt4
  Uname: Linux 3.19.0-26-generic x86_64
  ApportVersion: 2.17.2-0ubuntu1.3
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Thu Aug 27 13:18:57 2015
  InstallationDate: Installed on 2015-08-03 (24 days ago)
  InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422)
  SourcePackage: network-manager-openconnect
  UpgradeStatus: No upgrade log present (probably fresh install)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1489578

Title:
  Default route for IPv6 not being set correctly

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager-openconnect/+bug/1489578/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1489578] [NEW] Default route for IPv6 not being set correctly

Reply via email to