Please help me understand my routes while airvpn is active

[spacepig 0]

Hi!

Maybe this question was already asked before -can't find any thread in the forum- maybe I have overseen it.
When I route -n into the console I see following:

0.0.0.0         10.12.122.1     128.0.0.0       UG    0      0        0 tun0
0.0.0.0         192.168.178.1   0.0.0.0         UG    600    0        0 wlp3s0
10.12.122.0     0.0.0.0         255.255.255.0   U     0      0        0 tun0
128.0.0.0       10.12.122.1     128.0.0.0       UG    0      0        0 tun0
192.168.178.0   0.0.0.0         255.255.255.0   U     600    0        0 wlp3s0
213.152.161.219 10.12.122.1     255.255.255.255 UGH   0      0        0 tun0

I do not understand what I see here, why does eddie create that many routes.
My ip is 10.12.122.xxx/24 so I understand that 10.12.122.1 is my GW but where is this 213.x.x.x. ip coming from and what's its use?

Cheers!



 

[OpenSourcerer 1435]

Not Eddie, but OpenVPN. Let's go through all the lines.

1. Part one of "route all traffic through VPN" (gateway 10.12.122.1, device tun0), encompassing exactly half of all possible IPv4 addresses.
2. The default route. "If none of these rules match, use this". Identified by the iconic 0.0.0.0 as netmask.
3. The rule for the network inside the tunnel. You can translate the gateway address 0.0.0.0 as "local only" or "no next hop". Definition actually is "not specified".
4. Part two of "route all traffic through VPN", same gateway and device as 1.
5. The rule for your local network.
6. Supposed to be the VPN server rule, routing it through the internet-connected interface. However, this seems wrong. Should be via 192.168.178.1 on wlp3s0.

The reason rules 1 and 4 are split up this way is because you don't need to override the default route. It's caused by the OpenVPN option redirect-gateway def1 pushed by all servers.

[spacepig 0]

Thank for your explanations. I am trying to understand all of this :-)
Now, for testing I have made route -n on my other system -fedora31b/eddie2.18b (above was ubuntu1904/eddie2.18b)
and I get this
 

0.0.0.0         10.19.146.1     128.0.0.0       UG    0      0        0 tun0
0.0.0.0         192.168.178.1   0.0.0.0         UG    600    0        0 wlp4s0
10.19.146.0     0.0.0.0         255.255.255.0   U     0      0        0 tun0
128.0.0.0       10.19.146.1     128.0.0.0       UG    0      0        0 tun0
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
192.168.178.0   0.0.0.0         255.255.255.0   U     600    0        0 wlp4s0
213.152.162.10  10.19.146.1     255.255.255.255 UGH   0      0        0 tun0
213.152.162.12  192.168.178.1   255.255.255.255 UGH   0      0        0 wlp4s0

Now I even got an additional route for wlp4s0. How should I understand this 2nd UGH why does it a connection to my *.1 router? I am still struggling to understand what these UGH are doing -will do some reading ;-)
Cheers!
 

[OpenSourcerer 1435]

DGHMU are flags. The defintions are:

• D - created by a redirect
• G - route to a Gateway
• H - route to a Host (mask 255.255.255.255)
• M - Modified by a redirect
• U - route is Up

So the last route, just as the one before it, tell you they are gateway routes for the interfaces at the end of the line.
Also it seems to me, one is the VPN entry IP, the other the VPN exit IP. But since I don't get PTR records back on querying AirDNS, I can't tell which server it is you're connected to to check my assumption. Would be odd, though, I still only get one route of this sort when I connect with my systems. This is how it should be, the necessary route is in line 4:

0.0.0.0/1 via 10.20.8.1 dev tun0 
default via 192.168.110.1 dev enp35s0 proto dhcp metric 100 
10.20.8.0/24 dev tun0 proto kernel scope link src 10.20.8.227 
91.214.169.68 via 192.168.110.1 dev enp35s0 
128.0.0.0/1 via 10.20.8.1 dev tun0 
192.168.110.0/24 dev enp35s0 proto kernel scope link src 192.168.110.2 metric 100