Bug 755350 – Failed to add custom routes when connecting to VPN

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 755350 - Failed to add custom routes when connecting to VPN


Summary:	Failed to add custom routes when connecting to VPN


Status:	RESOLVED INCOMPLETE

Product:	NetworkManager
Classification:	Platform
Component:	VPN: openvpn
Version:	unspecified
Hardware:	Other Linux

Importance:	Normal normal
Target Milestone:	---
Assigned To:	NetworkManager maintainer(s)
QA Contact:	NetworkManager maintainer(s)

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2015-09-21 13:41 UTC by Guillaume Desmottes
Modified:	2017-01-23 18:01 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Guillaume Desmottes 2015-09-21 13:41:45 UTC

I'm trying to connect to a VPN using the openvpn plugin. I enabled the "Use this connection only for resources on its network" option and set a TAP virtual device.
Connection with the VPN is fine but for some reason ("Unspecific failure") NetworkManager fails to setup the custom IP routes.

I wrote a simple shell script setting up those routes manually using 'ip route' and everything is now working as expected.

NetworkManager-1.0.2-1.fc22.x86_64
NetworkManager-openvpn-1.0.2-2.fc22.x86_64

Here is the full logs with our public IPs obfuscated:

sept. 21 12:12:17 cass-x230 NetworkManager[911]: (nm-openvpn-service:21272): nm-openvpn-WARNING **: (nm-openvpn-service.c:1209):nm_openvpn_start_openvpn_binary: runtime check failed: (priv->mgt_path == NULL)
sept. 21 12:12:17 cass-x230 NetworkManager[911]: nm-openvpn-Message: openvpn started with pid 22090
sept. 21 12:12:17 cass-x230 NetworkManager[911]: <info>  VPN plugin state changed: starting (3)
sept. 21 12:12:17 cass-x230 NetworkManager[911]: <info>  VPN connection 'Badger' (ConnectInteractive) reply received.
sept. 21 12:12:17 cass-x230 nm-openvpn[22090]: OpenVPN 2.3.8 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Aug  4 2015
sept. 21 12:12:17 cass-x230 nm-openvpn[22090]: library versions: OpenSSL 1.0.1k-fips 8 Jan 2015, LZO 2.08
sept. 21 12:12:17 cass-x230 nm-openvpn[22090]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
sept. 21 12:12:17 cass-x230 nm-openvpn[22090]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
sept. 21 12:12:17 cass-x230 nm-openvpn[22090]: UDPv4 link local: [undef]
sept. 21 12:12:17 cass-x230 nm-openvpn[22090]: UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
sept. 21 12:12:18 cass-x230 nm-openvpn[22090]: [eucommia.collabora.co.uk] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:1194
sept. 21 12:12:20 cass-x230 nm-openvpn[22090]: TUN/TAP device tap0 opened
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  (tap0): carrier is OFF
sept. 21 12:12:20 cass-x230 nm-openvpn[22090]: /usr/libexec/nm-openvpn-service-openvpn-helper --tap -- tap0 1500 1574 192.168.105.34 255.255.255.0 init
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  (tap0): new Tun device (driver: 'unknown' ifindex: 13)
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  (tap0): exported as /org/freedesktop/NetworkManager/Devices/12
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  VPN connection 'Badger' (IP Config Get) reply received.
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  VPN connection 'Badger' (IP4 Config Get) reply received.
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  VPN Gateway: xxx.xxx.132.196
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  Tunnel Device: tap0
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  IPv4 configuration:
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Internal Gateway: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Internal Address: 192.168.105.34
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Internal Prefix: 24
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Internal Point-to-Point Address: 0.0.0.0
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Maximum Segment Size (MSS): 0
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: 192.168.105.0/24   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.96.0/22   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.40.0/23   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.152.0/21   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.146.0/23   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 nm-openvpn[22090]: Initialization Sequence Completed
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.206.0/23   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.0.0/22   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.4.0/22   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.40.0/22   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.44.0/22   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.32.0/22   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.12.0/24   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.16.0/22   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.244.0/22   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.149.0/22   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.253.0/22   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.149.57/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.192.133/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.134.9/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.25.0/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.25.0/22   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.228.179/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.80.80/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.80.81/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.141.81/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.113.1/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.89.88/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.89.89/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.113.17/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.95.229/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.95.230/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Static Route: xxx.xxx.180.213/32   Next Hop: 192.168.105.2
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Forbid Default Route: yes
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Internal DNS: xxx.xxx.80.80
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    Internal DNS: 192.168.105.1
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>    DNS Domain: 'ccubadger'
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  No IPv6 configuration
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  (tap0): link connected
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.815503] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.96.0/22 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.815535] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.40.0/23 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.815559] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.152.0/21 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.815631] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.146.0/23 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.818207] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.206.0/23 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.818772] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.0.0/22 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.819036] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.4.0/22 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.819314] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.40.0/22 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.819479] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.44.0/22 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.819890] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.32.0/22 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.820156] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.12.0/24 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.820496] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.16.0/22 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.820631] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.244.0/22 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.820773] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.148.0/22 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.821043] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.252.0/22 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.821185] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.149.57/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.821353] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.192.133/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.821486] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.134.9/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.821618] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.25.0/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.821748] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.24.0/22 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.821883] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.228.179/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.822013] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.80.80/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.822146] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.80.81/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.822313] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.141.81/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.822595] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.113.1/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.822921] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.89.88/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.823081] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.89.89/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.823244] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.113.17/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.823386] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.95.229/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.823542] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.95.230/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <error> [1442830340.823713] [platform/nm-linux-platform.c:1790] add_object(): Netlink error adding xxx.xxx.180.213/32 via 192.168.105.2 dev tap0 metric 50 mss 0 src user: Unspecific failure
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  VPN connection 'Badger' (IP Config Get) complete.
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  VPN plugin state changed: started (4)
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  keyfile: add connection in-memory (fc993e2e-654a-4573-be21-368fee240152,"tap0")
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  (tap0): device state change: unmanaged -> unavailable (reason 'connection-assumed') [10 20 41]
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  (tap0): device state change: unavailable -> disconnected (reason 'connection-assumed') [20 30 41]
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  (tap0): Activation: starting connection 'tap0'
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  (tap0): Activation: Stage 1 of 5 (Device Prepare) scheduled...
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  (tap0): Activation: Stage 1 of 5 (Device Prepare) started...
sept. 21 12:12:20 cass-x230 NetworkManager[911]: <info>  (tap0): device state change: disconnected -> prepare (reason 'none') [30 40 0]

Comment 1 Thomas Haller 2015-09-21 14:08:52 UTC

<info>    Internal Gateway: 192.168.105.2
<info>    Internal Address: 192.168.105.34
<info>    Internal Prefix: 24
...
<info>    Static Route: 192.168.105.0/24   Next Hop: 192.168.105.2


By configuring an address 192.168.105.34/24 you already get a route
  192.168.105.34/24 via 0.0.0.0 dev tap0
automatically. This additional route
  192.168.105.34/24 via 192.168.105.2 dev tap0
seems wrong... and it might replace the direct route that you need.



You cannot add a route via a gateway (192.168.105.2) unless you have a direct route to that host too:
like
  192.168.105.2/32 via 0.0.0.0 dev tap0
or
  192.168.105.0/24 via 0.0.0.0 dev tap0



I think you should get rid of
<info>    Static Route: 192.168.105.0/24   Next Hop: 192.168.105.2
or alternatively, add a static route:
    192.168.105.2/32 via 0.0.0.0

Comment 2 Thomas Haller 2017-01-23 18:01:53 UTC

Closing as incomplete. Please reopen, if you the issue still happens