TomRoche asked:
I’m slowly learning more about IP routing and the ip toolset by investigating a VPN. After I start a particular VPN client, one of the (new) routes displayed by ip route show is
128.0.0.0/1 via 10.144.1.8 dev ppp0 proto none metric 1
I’d like to know, what does that mean? I believe I understand (but correct me where wrong) that
128.0.0.0/1 is CIDR for “match all addresses with the first bit from the left set”
via 10.144.1.8 means route all that traffic (with destination addresses matching 128.0.0.0/1) to the host with IP#=10.144.1.8
dev ppp0 means route all that traffic to that host using the interface=ppp0 (which presumably uses the Point-to-Point Protocol).
proto none means no routing protocol applies to this route. Not sure what the implications of that are in this case.
metric 1 means “prefer this route to any other route, except those with metric=0.”
So, IIUC, this route has the semantics, “If I receive a packet having a destination IP# with the leftmost bit set, I will send it to the host with IP#=10.144.1.8 on my interface=ppp0 … unless I get a route matching the same destination IP#s with metric=0, in which case I’ll use that other route.”
Is that correct? If not, where am I wrong?
If correct: why would the VPN client want to set this route? For what sort of usecase is this probably intended?
My answer:
That’s one of a pair of routes that certain VPN software sets when you tell it to redirect all of your traffic through the VPN.
The other route is:
0.0.0.0/1 via 10.144.1.8 dev ppp0 ...
The reason for setting these routes, of course, is so that (almost) all of your traffic goes through the VPN link. It is done this way so as not to override the default route, which has to be left alone in order to carry the VPN traffic itself.
View the full question and any other answers on Server Fault.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
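The effect of the two /1 routes described in the answer, as an added example that is not part of the original question or answer: a longest-prefix-match lookup, plus a check that lists which prefixes still send traffic outside the tunnel. Only the two ppp0 routes come from the page; the eth0 gateway 192.168.1.1, the VPN server address 203.0.113.10 and its /32 host route are assumptions.

```python
import ipaddress

# Constructed table modelled on the routes quoted above. The eth0 gateway
# 192.168.1.1, the VPN server 203.0.113.10 and its host route are assumptions.
ROUTES = [
    ("0.0.0.0/0",       "192.168.1.1", "eth0"),  # original default route, untouched
    ("0.0.0.0/1",       "10.144.1.8",  "ppp0"),  # lower half of IPv4 space
    ("128.0.0.0/1",     "10.144.1.8",  "ppp0"),  # upper half of IPv4 space
    ("203.0.113.10/32", "192.168.1.1", "eth0"),  # assumed route to the VPN server
    ("192.168.1.0/24",  None,          "eth0"),  # directly connected LAN
]

def lookup(dest, routes=ROUTES):
    """Return the (prefix, via, dev) route chosen by longest-prefix match."""
    # A metric only breaks ties between equal prefixes, so it is not modelled.
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in ipaddress.ip_network(r[0])]
    if not matches:
        raise LookupError(f"no route to {dest}")
    return max(matches, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)

def bypasses(routes=ROUTES, tunnel="ppp0"):
    """Prefixes that still carry traffic on a device other than the tunnel.

    A route carries traffic only for the part of its prefix that no
    more-specific route claims, so that part is computed by subtraction.
    """
    nets = [(ipaddress.ip_network(p), dev) for p, _, dev in routes]
    found = []
    for net, dev in nets:
        remaining = [net]
        for other, _ in nets:
            if other == net or not other.subnet_of(net):
                continue
            pieces = []
            for r in remaining:
                if other.subnet_of(r):
                    pieces.extend(r.address_exclude(other))  # carve out
                elif not r.subnet_of(other):
                    pieces.append(r)  # disjoint, keep as is
            remaining = pieces
        if dev != tunnel and remaining:
            found.append(str(net))
    return found

if __name__ == "__main__":
    for dest in ("8.8.8.8", "198.51.100.7", "203.0.113.10", "192.168.1.20"):
        print(dest, "->", lookup(dest))
    print("bypass the tunnel:", bypasses())
```

With both /1 routes present the default route is fully shadowed and only the VPN server and LAN prefixes are reported; a table missing either /1 route reports 0.0.0.0/0 as well, which is the signal that half of the address space is leaving outside the VPN.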