Launchpad has imported 8 comments from the remote bug at https://bugzilla.gnome.org/show_bug.cgi?id=760264.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2016-01-07T11:45:59+00:00 Mihaly-orosz wrote: Properly set openvpn client config works in NetworkManager-openvpn, but the static rutes that are pushed from the server are created with wrong metric (50 instead of 301) Relevant config directives on server side: push "route 192.168.100.0 255.255.255.0 vpn_gateway 301" routing table on client after the connection has been set up: 192.168.100.0/24 via 192.168.17.222 dev tun0 proto static metric 50 Desired behaviour would be to set up the static route as follows: 192.168.100.0/24 via 192.168.17.222 dev tun0 proto static metric 301 Reply at: https://bugs.launchpad.net/ubuntu/+source/network-manager- openvpn/+bug/1831483/comments/0 ------------------------------------------------------------------------ On 2016-01-07T12:17:19+00:00 Thomas Haller wrote: You can configure the metric of the routes via ipv4.route-metric property (where "-1" means default [1]). The metrics specified by the server are ignored. I'm not convinced that it is desirable to let the server determine the route metric for the client. But yes, maybe that would be a valuable feature... [1] The default value depends on the device type (being 50 for VPN). You can also configure that default value in a global configuration file. Reply at: https://bugs.launchpad.net/ubuntu/+source/network-manager- openvpn/+bug/1831483/comments/1 ------------------------------------------------------------------------ On 2016-01-07T12:27:23+00:00 Mihaly-orosz wrote: You are right, but default metric and route-metric can be set globally only, not for route by route. In my setup i have several static routes pushed by the server with different metrics. I am working in an environment where the offices uses their own subnet, and are interconnected via a corporate management VPN server. If you are in one of the offices you have a direct route to one of the subnets, but the others are reachable only through the management VPN server. So most of the time one of the local subnets is overlapping with one of the static routes coming from the VPN server. It would be nice if you would be able to instruct networkmanager to accept static route metrics from the server, like having a property called: ipv4.route-metric-accept-remote whrere 0 means ignore 1 means accept. Reply at: https://bugs.launchpad.net/ubuntu/+source/network-manager- openvpn/+bug/1831483/comments/2 ------------------------------------------------------------------------ On 2016-01-07T13:14:06+00:00 Thomas Haller wrote: The route-metric has a per-device-type-default [1] and this global default can be overwritten (globally) [2].\ But more importantly, you can configure the route-metric per-connection too. Ok, it's not as granular as "route by route", but it's also more then "can be set globally only"! I suspect that is sufficient to model your use-case, or why not? Say, you connect to your office sites via a ethernet connection. If you configure it to have route-metric 49, then you'll get: default via eth0 metric 49 172.16.42.0/24 via eth0 metric 49 172.16.0.0/16 via vpn metric 50 if you plugin your notebook in office-site #2 you'll get: default via eth0 metric 49 172.16.23.0/24 via eth0 metric 49 172.16.0.0/16 via vpn metric 50 [1] 50 for VPN, 100 for ethernet, 600 for Wi-Fi, etc. [2] see CONNECTION SECTION in `man NetworkManager.conf` Reply at: https://bugs.launchpad.net/ubuntu/+source/network-manager- openvpn/+bug/1831483/comments/3 ------------------------------------------------------------------------ On 2016-01-07T13:54:29+00:00 Mihaly-orosz wrote: You are right, we can manage it if we set up all of the client computers and change their ethernet metrics for the office connections. But it is just a workaround and causes extra administration work. Having a "full featured" openvpn implementation in networkmanager would be better. Nevertheless this setup has been working for several years in native openvpn clients both on linux and on windows. We have problem only with linux distros started to use networkmanager. To sum up; i would like to suggest to consider the implementation of the feature of accepting server pushed metrics for static routes in networkmanager. I hope it can be included into your development roadmap. Thank you, Mihaly Reply at: https://bugs.launchpad.net/ubuntu/+source/network-manager- openvpn/+bug/1831483/comments/4 ------------------------------------------------------------------------ On 2016-01-07T14:03:52+00:00 Thomas Haller wrote: I do agree that this can be a useful feature. I was trying to understand whether there is an alternative/workaround for your scenario. Reply at: https://bugs.launchpad.net/ubuntu/+source/network-manager- openvpn/+bug/1831483/comments/5 ------------------------------------------------------------------------ On 2016-01-07T14:06:47+00:00 Thomas Haller wrote: btw, instead of configuring your ethernet's route-metric to be 49, you can also configure you VPN's route-metric to be high enough (for example >= 101). As you already have to deploy the VPN connection on all your client machines, this involves no additional configuration effort. Reply at: https://bugs.launchpad.net/ubuntu/+source/network-manager- openvpn/+bug/1831483/comments/6 ------------------------------------------------------------------------ On 2016-01-07T14:22:51+00:00 Mihaly-orosz wrote: Thank you! I really appreciate your help. I hope we can see the feature implemented soon! :) Mihaly Reply at: https://bugs.launchpad.net/ubuntu/+source/network-manager- openvpn/+bug/1831483/comments/7 ** Changed in: network-manager-openvpn Status: Unknown => Confirmed ** Changed in: network-manager-openvpn Importance: Unknown => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1831483 Title: metrics on pushed routes not applied To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager-openvpn/+bug/1831483/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
