Description of problem: OpenVPN errors removing routes when its shut down Version-Release number of selected component (if applicable): 2.1-0.10.beta14.fc5 -------------------------------------------------------------------- I have a very simple config that works great. All traffic routes down the tunnel and life is good. When I stop OpenVPN however all my internet stops. After doing some digging I show that I have no default route. When OpenVPN stops it tears down the tun0 interface and all the routes that attach to that go with it. Including my default gateway. Here is a snippet from the logs. Jun 21 17:27:22 snakt openvpn[3402]: event_wait : Interrupted system call (code=4) Jun 21 17:27:22 snakt openvpn[3402]: TCP/UDP: Closing socket Jun 21 17:27:22 snakt openvpn[3402]: /sbin/ip route del 10.8.0.1/32 Jun 21 17:27:22 snakt openvpn[3402]: ERROR: Linux route delete command failed: shell command exited with error status: 2 Jun 21 17:27:22 snakt openvpn[3402]: /sbin/ip route del 55.66.77.88/32 Jun 21 17:27:22 snakt openvpn[3402]: ERROR: Linux route delete command failed: shell command exited with error status: 2 Jun 21 17:27:22 snakt openvpn[3402]: /sbin/ip route del 0.0.0.0/0 Jun 21 17:27:22 snakt openvpn[3402]: ERROR: Linux route delete command failed: shell command exited with error status: 2 Jun 21 17:27:22 snakt openvpn[3402]: /sbin/ip route add 0.0.0.0/0 via 10.79.79.2 Jun 21 17:27:22 snakt openvpn[3402]: ERROR: Linux route add command failed: shell command exited with error status: 2 Jun 21 17:27:22 snakt openvpn[3402]: Closing TUN/TAP interface Jun 21 17:27:22 snakt openvpn[3402]: SIGTERM[hard,] received, process exiting OpenVPN has no problems CREATING the routes (on start), it only "errors out" deleting the routes (on shutdown). If I run that SAME commands myself (as root) it works just fine and my routes are restored. Is it some sort of permission issue? Any ideas? I can do the "redirect-gateway def1" work around. That fixes the problem, but it doesn't seem like it addresses the bigger problem.
It appears this is a chroot issue with OpenVPN? It's been documented in a couple of places: http://tinyurl.com/efmjb http://tinyurl.com/f4ocq http://tinyurl.com/eacmn
"redirect-gateway def1" isn't a workaround, it is the right way to do it.