RE: [Openvpn-users] Routing problems

  Subject: RE: [Openvpn-users] Routing problems
  From: James Yonan
  Date: Thu, 20 Jan 2005 10:19:48 -0700 (MST)

> I also prefer using the "def1" parameter of --redirect-gateway, which uses 
> the trick of adding two new routes, and instead of 
> replacing the old default gateway. It also has the effect that all traffic 
> is routed through OpenVPN, but you don't have to delete and re-instert the 
> real default gw.
> Even though I havn't verified it, I'm a fraid that a DHCP-renew could 
> reinsert the old default gateway while you're connected. If you use 
> 'def1', you're not affected by that as the /1 routes always take 
> precedance over the /0 route.
> James, is there any drawback of using the 'def1' parameter, or why don't 
> we make this behaviour the default for --redirect-gateway?

I don't think there are any drawbacks.  The main reason why it's not the 
default now is that it was added later and it wasn't clear at that time 
that it was the Right solution.


