I'm slowly learning more about IP routing and the ip toolset by investigating a VPN. After I start a particular VPN client, one of the (new) routes displayed by ip route show is

    128.0.0.0/1 via 10.144.1.8 dev ppp0  proto none  metric 1

I'd like to know, what does that mean? I believe I understand (but correct me where wrong) that

  1. 128.0.0.0/1 is CIDR for "match all addresses with the first bit from the left set"
  2. via 10.144.1.8 means route all that traffic (with destination addresses matching 128.0.0.0/1) to the host with IP#=10.144.1.8
  3. dev ppp0 means route all that traffic to that host using the interface=ppp0 (which presumably uses the Point-to-Point Protocol).
  4. proto none means no routing protocol applies to this route. Not sure what the implications of that are in this case.
  5. metric 1 means "prefer this route to any other route, except those with metric=0."

So, IIUC, this route has the semantics, "If I receive a packet having a destination IP# with the leftmost bit set, I will send it to the host with IP#=10.144.1.8 on my interface=ppp0 ... unless I get a route matching the same destination IP#s with metric=0, in which case I'll use that other route."

Is that correct? If not, where am I wrong?

If correct: why would the VPN client want to set this route? For what sort of use case is this probably intended?

TomRoche

1 Answer

That's one of a pair of routes that certain VPN software sets when you tell it to redirect all of your traffic through the VPN.

The other route is:

    0.0.0.0/1 via 10.144.1.8 dev ppp0 ...

The reason for setting these routes, of course, is so that (almost) all of your traffic goes through the VPN link. It is done this way so as not to override the default route, which has to be left alone in order to carry the VPN traffic itself.

Michael Hampton
  • So why the `proto none metric 1`? – TomRoche Feb 13 '15 at 05:27
  • @TomRoche A route with a lower metric has higher priority than a route to the same subnet with a higher metric. And proto is none because it's irrelevant. – Michael Hampton Feb 13 '15 at 05:32
  • @"Michael Hampton♦": "of course [this must be] done this way so as not to override the default route, which has to be left alone in order to carry the VPN traffic itself." "Of course" :-) I'd like to be able to say that in this matter (et many al :-), but I lack the knowledge. Can you recommend a useful/efficient high-level reference on "how VPNs work," or should I just web-search? – TomRoche Feb 15 '15 at 16:41
  • @TomRoche It's the logical end result of how IP routing works. That's a bit too broad to explain in comments, though, and there are plenty of web sites that explain in detail already :) – Michael Hampton Feb 15 '15 at 16:45
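
Added example (not part of the question, the answer or any VPN client's code): a small longest-prefix-match lookup showing why the two /1 routes take precedence over the default route without replacing it, and that the metric only decides between routes of equal prefix length. Only the two /1 routes come from the page; the default route, its gateway `192.0.2.1`, the device `eth0` and the host route to a VPN server at `203.0.113.10` are assumptions built from documentation addresses.

```python
import ipaddress

# Constructed table. Only the two /1 routes come from the page; the default
# route, its gateway and the VPN server host route are assumptions.
ROUTES = [
    # (prefix, gateway, device, metric)
    ("0.0.0.0/0",       "192.0.2.1",  "eth0", 0),
    ("0.0.0.0/1",       "10.144.1.8", "ppp0", 1),
    ("128.0.0.0/1",     "10.144.1.8", "ppp0", 1),
    ("203.0.113.10/32", "192.0.2.1",  "eth0", 0),
]


def lookup(dest, routes=ROUTES):
    """Return the (prefix, gateway, device, metric) route chosen for dest.

    Selection order: longest matching prefix first; the metric only breaks
    ties between routes with the same prefix length (lower wins).
    """
    addr = ipaddress.ip_address(dest)
    candidates = [r for r in routes if addr in ipaddress.ip_network(r[0])]
    if not candidates:
        return None
    return min(
        candidates,
        key=lambda r: (-ipaddress.ip_network(r[0]).prefixlen, r[3]),
    )


def without_device(dev, routes=ROUTES):
    """Routes left after an interface goes down and its routes are removed."""
    return [r for r in routes if r[2] != dev]


if __name__ == "__main__":
    for dest in ("8.8.8.8", "198.51.100.7", "203.0.113.10"):
        print(dest, "->", lookup(dest))
    # With ppp0 gone, the untouched default route is used again.
    print("tunnel down:", lookup("8.8.8.8", without_device("ppp0")))
```

The last lookup shows the other side of leaving the default route in place: once the `ppp0` routes disappear, the same destinations are reached through `eth0` outside the tunnel, so check the routing table after a VPN disconnect if traffic must not leave unprotected.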