Messy route table when using static network settings

hi im using static settings on my eth0 connection i configured it via settings > my osmc > connection settings.
doing that add some non necessary rules to route table which then messes with my openvpn if i choose to connect to it.

this is my route table with openvpn uninstalled!

osmc@osmc:~$ route -n
Kernel IP routing table

lines #2 #3 and #5 of the table should not be there. is this connman doing?

ps: i tried to make the output look better, that all i could do
ps 2 : i redirected the output its looking good here :

I have no idea, just noticed as Google’s DNS. is also another dns that i specified in osmc networkd configuratio dialoge box. but those shouldnt be added to route table…
what about last rule ? why is that added ?
ps: when i remove these they are added again at reboot

It looks like connman adds explicit host routes to DNS servers that are not on the local subnet. For example if I add google DNS:

osmc@rpi2:~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface         UG    0      0        0 eth0 UGH   0      0        0 eth0 UGH   0      0        0 eth0       U     0      0        0 eth0 UH    0      0        0 eth0

However if I configure two DNS servers that are on the local network no extra host routes are added:

osmc@rpi2:~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface         UG    0      0        0 eth0       U     0      0        0 eth0 UH    0      0        0 eth0

Pretty sure this is done on purpose by connman and that there is a good reason for it…(although I’m not sure what off the top of my head)

To use VPN with connman the only proper way to do it is to write a “VPN agent” that will interface with connman via it’s agent API, allowing the VPN to be started and stopped by connman. If you are configuring your VPN externally and starting and stopping it with your own custom external scripts then you are going to see conflicts like this as you are trying to override the networking set up by the network manager…(connman)

1 Like

thx for ur reply.

is there an option to disable this or a workaround? using sudo route del inside rc.local didnt help. i need these static dnses to go through my vpn connection (to bypass internet censorship)

rc.local is not going to help you - it typically runs before the network even comes up, and even if it didn’t it would not run again if your network was reconfigured. Currently connman does not support /etc/if-up.d/ scripts that would run when an interface comes up.

I’m not aware of a setting that would turn this dns behaviour of connman off, it will be hard coded in connman’s source code. The only solution is probably to write a VPN agent for connman to integrate VPN support properly into connman instead of trying to go around it.

This is on our todo list (as is /etc/if-up.d support) but it is fairly far down the list at the moment.

1 Like

after inspecting some of the services in /lib/systemd/system
including connman.service i assume that using a service file which has should run my script to del routes at the right time. what do u think ?

im trying to use this now

Description=fix connman



which doesn’t solve the problem ;(

ps: i achived what i was lookingfor by adding a simple sleep 20 to my script. i don’t know if thats gonna affect anything else. is it ? will delay a service until the network manager has loaded, (connman in our case) but will not wait for the network to be up. If you enable “wait for network” in the network GUI and make your service it will delay your service (and Kodi) until the network is up and configured, which might work as a stop gap.

However if the network goes down and then up again for any reason connman would reconfigure the routes again. The only way to do this properly would be /etc/if-up.d/ scripting (not currently supported) or writing a vpn agent for connman. (Not currently implemented in OSMC, however technically there is nothing stopping anyone else writing a vpn agent - we just haven’t had the time to do it - the API is there in connman)

1 Like

Not only this, but ConnMan will reconfigure its routes regularly as part of the wispr.c module. Would not recommend doing it this way. Someone recently had a similar issue with using an external OpenVPN client and expecting routes to remain intact.


1 Like

thx for this usefull informations thats did solve some questions i had

i wouldn’t try to use openvpn if my internet connection wasn’t censored by my government…
youtube, raido channels, subscene opensubtitle podnapsi etc all blocked . can u imagine that?

well openvpn is now blocked here :I so i cant connect to my openvpn server. to bypass the country’s firewall now i need to setup stunnel so i can send openvpn data via this fully encrypted tunnel so they cant filter it out.

i did that and it works on my pc. now to make it work on my pi2 i did setup stunnel and openvpn yet when i connect (it successfully connects to openvpn server ) i cant ping anything i suspect this is a routing problem.
my route-n after connecting to openvpnserver via stunnel . stunnel is set to listen on and sentds its data to myserver-ip:port

osmc@osmc:~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface       UG    0      0        0 tun0         UG    0      0        0 eth0 UGH   0      0        0 tun0 UH    0      0        0 tun0 UGH   0      0        0 eth0       UG    0      0        0 tun0   U     0      0        0 eth0

whats wrong in this table ? is it two unknown hosts?
any idea guys ? @DBMandrake @sam_nazarko
thx in advance