Thread: [Openvpn-devel] [S] Change in openvpn[master]: route: handle default gateway (net_gateway) and next

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Attention is currently required from: flichtenheld, mrbff, plaisthos.

cron2 has posted comments on this change by mrbff. ( http://gerrit.openvpn.net/c/openvpn/+/1222?usp=email )

Change subject: route: handle default gateway (net_gateway) and nexthop towards VPN server separately
......................................................................

Patch Set 2: Code-Review-1

(1 comment)

Patchset:

PS2: 
This is only half-working for me.  Triggered by https://github.com/OpenVPN/openvpn/issues/890 I have built a testbed to reproduce this.

- ssh -R *:12345:conn-test-server.openvpn.org:51194 $linuxserver
- on the linux server, run `openvpn --client --remote 127.0.0.5 51194 tcp ... --route 1.1.1.1 255.255.255.255 net_gateway`

it will do both gateway lookups, and setenv `net_gateway` accordingly

```
2025-11-15 17:57:26 net_route_v4_best_gw query: dst 0.0.0.0
2025-11-15 17:57:26 net_route_v4_best_gw result: via 194.97.140.30 dev enp0s18
2025-11-15 17:57:26 net_route_v4_best_gw query: dst 127.0.0.5
2025-11-15 17:57:26 net_route_v4_best_gw result: via 0.0.0.0 dev lo
2025-11-15 17:57:26 GDG6: remote_host_ipv6=n/a
2025-11-15 17:57:26 net_route_v6_best_gw query: dst ::
2025-11-15 17:57:26 net_route_v6_best_gw result: via 2001:608:0:814::ffff dev enp0s18
2025-11-15 17:57:26 net_route_v6_best_gw query: dst ::
2025-11-15 17:57:26 net_route_v6_best_gw result: via 2001:608:0:814::ffff dev enp0s18
```

but the gateway address used for `net_gateway` is the one from the second lookup

```
2025-11-15 18:03:45 net_route_v4_add: 1.1.1.1/32 via 0.0.0.0 dev [NULL] table 0 metric -1
2025-11-15 18:03:45 sitnl_send: rtnl: generic error (-19): No such device
2025-11-15 18:03:45 ERROR: Linux route add command failed
```

so we might need to store the `ngi` in the `struct route-list` as well, and depending on use case use `rgi` or `ngi` - for the bypass-routes, we want `rgi`, for `get_special_addr()` use case, we want `ngi`...

right?

-- 
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1222?usp=email
To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings?usp=email

Gerrit-MessageType: comment
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I16d90221d0a75193035253817ff195f6da9dc0b3
Gerrit-Change-Number: 1222
Gerrit-PatchSet: 2
Gerrit-Owner: mrbff <ma...@ma...>
Gerrit-Reviewer: cron2 <ge...@gr...>
Gerrit-Reviewer: flichtenheld <fr...@li...>
Gerrit-Reviewer: plaisthos <arn...@rf...>
Gerrit-CC: openvpn-devel <ope...@li...>
Gerrit-Attention: plaisthos <arn...@rf...>
Gerrit-Attention: flichtenheld <fr...@li...>
Gerrit-Attention: mrbff <ma...@ma...>
Gerrit-Comment-Date: Sat, 15 Nov 2025 17:07:03 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes

Thread: [Openvpn-devel] [S] Change in openvpn[master]: route: handle default gateway (net_gateway) and next

Robust and flexible VPN network tunnelling

openvpn-devel