dco: use specific metric when installing routes

When using DCO iroutes and routes all live in the same routing table,
However, the latter should always come after the former.

for this reason assign a default metric of 200 to routes. iroutes will
later get a metric of 100.

Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220628185623.1734-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24599.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/dco.h b/src/openvpn/dco.h
index dcadba78bb4dfc1d011a0bafd2c6d789c420154f..063e50282cbdc27c07f2492cb88caa461fbcf1f5 100644 (file)
--- a/src/openvpn/dco.h
+++ b/src/openvpn/dco.h
@@ -38,6 +38,8 @@ struct event_set;
 struct options;
 struct tuntap;
 
+#define DCO_DEFAULT_METRIC  200
+
 #if defined(ENABLE_DCO)
 
 /**

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 638fd10c8dd7274e01288e7cca32ff3b834b403e..03221cbb3d3fa78e39407529048206d341beaf98 100644 (file)
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1385,6 +1385,15 @@ do_init_route_list(const struct options *options,
     int dev = dev_type_enum(options->dev, options->dev_type);
     int metric = 0;
 
+    /* if DCO is enabled we have both regular routes and iroutes in the system
+     * routing table, and normal routes must have a higher metric for that to
+     * work so that iroutes are always matched first
+     */
+    if (dco_enabled(options))
+    {
+        metric = DCO_DEFAULT_METRIC;
+    }
+
     if (dev == DEV_TYPE_TUN && (options->topology == TOP_NET30 || options->topology == TOP_P2P))
     {
         gw = options->ifconfig_remote_netmask;
@@ -1421,6 +1430,12 @@ do_init_route_ipv6_list(const struct options *options,
     const char *gw = NULL;
     int metric = -1;            /* no metric set */
 
+    /* see explanation in do_init_route_list() */
+    if (dco_enabled(options))
+    {
+        metric = DCO_DEFAULT_METRIC;
+    }
+
     gw = options->ifconfig_ipv6_remote;         /* default GW = remote end */
     if (options->route_ipv6_default_gateway)
     {