Hi, On Fri, Feb 11, 2022 at 03:30:22PM +0100, Bo Berglund wrote: > I have trouble understanding this "source routing" or "policy routing" of > OpenVPN...
It depends on "which address of the server you are talking to".
If the OpenVPN client needs to send a packet to the "WAN" address
of the server (or the server only has one address), it cannot send
it "through the tunnel" (because then the tunneled packet would
go "through the tunnel" as well, getting nowhere). So it installs
a host route (/32 or /128) to go to the regular default router, for
"all packets toward the OpenVPN server address".
If the server has different WAN+LAN addresses, sending packets to the
OpenVPN server's *LAN* address will "just go through the tunnel".
There is no magic, just routing - traceroute will show which packets
go where.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
