Only DNS going through tun0, all other traffic routed through eth0 after iproute2 update on Debian
Hello,
Around 16 months ago I set up PIA using OpenVPN and Network Manager with some instructions I found here after I signed up. It worked perfectly until yesterday and I'm trying to figure out why.
Background: Debian Testing AMD64 running XFCE which has been updated weekly for years.
My typical PIA usage is just for torrenting. So I sign on to the VPN for a few hours and sign off immediately when I'm done. All other routine web traffic is not over VPN.
After signing on, I always immediately go to ipleak.net to make sure there's no leaks and I'm truly anonymized.
Last used PIA on Saturday. Sunday I updated the box and on Tuesday after signing on to PIA I noticed that IPLeak was showing my IP address from my ISP but the PIA address for DNS. It does this regardless of which server I choose. I looked at what had been updated in the apt.log on Sat and the only package that was updated that seemed related is iproute2. I force downgraded to the previous version thinking it was the culprit, rebooted but the behavior remained.
My suspicion is that somehow iproute2 (which replaced iproute1 which replaced net-tools) changed something in my routing table but I don't know how to troubleshoot it beyond that.
I'm running gkrellm and can see the tun0 interface come up and the initial burst of traffic for sign on but then all other traffic is going through eth0 like I'm not even connected to the VPN.
Here is the output of ip route show:
    # ip route show
    default via 192.168.0.1 dev eth0
    default via 10.17.10.5 dev tun0 proto static metric 50
    default via 192.168.0.1 dev eth0 proto dhcp metric 100
    10.17.10.1 via 10.17.10.5 dev tun0 proto static metric 50
    10.17.10.5 dev tun0 proto kernel scope link src 10.17.10.6 metric 50
    10.17.10.5 dev tun0 proto kernel scope link src 10.17.10.6 metric 450
    108.61.68.150 via 192.168.0.1 dev eth0 proto static metric 100
    169.254.0.0/16 dev eth0 scope link metric 1000
    192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.12 metric 100
    192.168.0.1 dev eth0 proto static scope link metric 100

Am I looking under the right rock? Any suggestions?
I've been using Linux since 1999 as my primary desktop with forays into the BSDs but I'm not a programmer.
Thanks for any help.

Comments
Nevertheless, it was the right rock. I found it completely by accident. By accidentally re-initiating ifupdown on the NetworkManager applet before connecting to VPN then I was able to connect to VPN. It wasn't quite normal, DNS requests were very slow but otherwise the throughput was good and IPLeak showed I was anonymized.
The output of 'ip route show' also no longer showed my highest priority default route being eth0 either (it looked like my output above without the top entry) which is why I believe the VPN worked.
In trying to resolve the really slow DNS issues I installed dnsmasq. Even after setting dns=dnsmasq in /etc/NetworkManager.conf, for some reason NetworkManager refused to start after reboot. I had to purge NetworkManager and all of the associated packages and then reinstall.
Before reinstalling, I wondered if @d4rkcat's pia.sh script would work better with NetworkManager purged and it sure did.
Sign on was superfast and the IP resolution worked.
Out of curiosity, I reinstalled NetworkManager and all the same problems came back up, including when trying to run pia.sh
There is an outstanding bug against the current version of network-manager-openvpn in Debian Testing and Unstable:
I just purged all the network-manager packages (network-manager, network-manager-gnome, network-manager-openvpn, network-manager-openvpn-gnome) and just use @d4rkcat's pia.sh script which now works beautifully.
I am very grateful to you @martouf for your willingness to help.
TL;DR for anyone with similar issues on Debian Testing/Unstable : try uninstalling network-manager and use pia.sh instead.
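
Added example, not part of the thread: a small check for the routing symptom described above, where a default route printed without a metric (metric 0) on eth0 outranks the VPN's default route at metric 50. The function names are made up for this example, and the sample tables are constructed from the default routes quoted in the post.

```shell
#!/bin/sh
# Added example: which default route does the kernel prefer, and is it the tunnel?

# Constructed from the default routes in the post (leaking state).
SAMPLE_BROKEN='default via 192.168.0.1 dev eth0
default via 10.17.10.5 dev tun0 proto static metric 50
default via 192.168.0.1 dev eth0 proto dhcp metric 100
108.61.68.150 via 192.168.0.1 dev eth0 proto static metric 100'

# Same table without the top entry, as the follow-up comment describes.
SAMPLE_FIXED='default via 10.17.10.5 dev tun0 proto static metric 50
default via 192.168.0.1 dev eth0 proto dhcp metric 100
108.61.68.150 via 192.168.0.1 dev eth0 proto static metric 100'

# Read "ip route show" text on stdin, print "<dev> <metric>" of the preferred
# default route. iproute2 omits "metric" when it is 0, and the lowest metric
# wins, so a bare "default via ... dev eth0" beats every other default route.
winning_default() {
  awk '$1 == "default" {
         dev = ""; metric = 0
         for (i = 2; i < NF; i++) {
           if ($i == "dev")    dev = $(i + 1)
           if ($i == "metric") metric = $(i + 1)
         }
         if (best == "" || metric + 0 < bestm) { best = dev; bestm = metric + 0 }
       }
       END { if (best != "") print best, bestm }'
}

# vpn_is_default <tunnel-dev> <route-table-text>
# Exit status 0 if the preferred default route leaves via the tunnel device.
vpn_is_default() {
  [ "$(printf '%s\n' "$2" | winning_default | cut -d' ' -f1)" = "$1" ]
}

# Run against both constructed tables. On a live system the call would be:
#   vpn_is_default tun0 "$(ip route show)"
for table in "$SAMPLE_BROKEN" "$SAMPLE_FIXED"; do
  win="$(printf '%s\n' "$table" | winning_default)"
  if vpn_is_default tun0 "$table"; then
    echo "OK:   default traffic uses the tunnel ($win)"
  else
    echo "LEAK: default traffic bypasses tun0 ($win)"
  fi
done
```

The check only looks at default routes in the main table; policy routing rules and more specific prefixes are not considered.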