search

jedisct1 / dsvpn

A Dead Simple VPN.
MIT License
5.17k stars 395 forks source link

[feature wanted]update the route of remote networks , like wireguard do. #82

Closed changchichung closed 3 years ago

changchichung commented 3 years ago

DSVPN was indeed a very convenient tool for establish VPN tunnel but there was a slight problem confuse me a lot. when the VPN tunnel was built, it seemed to affect the original routing of the system.

chchang@hqdc039:~/git/dsvpn$ traceroute 168.95.1.1
traceroute to 168.95.1.1 (168.95.1.1), 30 hops max, 60 byte packets
 1  192.168.192.254 (192.168.192.254)  532.934 ms  532.898 ms  532.870 ms
 2  * * *
 3  64.237.50.1 (64.237.50.1)  532.751 ms  532.721 ms  532.692 ms
 4  * * *
 5  * * *
 6  * nyk-b2-link.telia.net (62.115.59.6)  202.599 ms  405.692 ms
 7  * * nyk-bb3-link.telia.net (213.155.130.29)  607.400 ms
 8  nyk-bb3-link.telia.net (213.155.130.29)  607.334 ms sjo-b21-link.telia.net (213.155.130.129)  608.131 ms *
 9  chunghwa-svc072178-ic359457.c.telia.net (62.115.165.51)  608.537 ms  608.440 ms sjo-b21-link.telia.net (62.115.119.229)  608.490 ms
10  chunghwa-svc072178-ic359457.c.telia.net (62.115.165.51)  405.532 ms  608.387 ms r4002-s2.tp.hinet.net (211.72.108.238)  609.331 ms
11  61-221-53-30.HINET-IP.hinet.net (61.221.53.30)  608.781 ms  608.745 ms r4002-s2.tp.hinet.net (202.39.91.46)  607.376 ms
12  dns.hinet.net (168.95.1.1)  608.586 ms !X 61-221-53-30.HINET-IP.hinet.net (61.221.53.30)  608.896 ms dns.hinet.net (168.95.1.1)  652.966 ms !X
chchang@hqdc039:~/git/dsvpn$ pkill dsvpn
chchang@hqdc039:~/git/dsvpn$ sudo pkill dsvpn
chchang@hqdc039:~/git/dsvpn$ traceroute 168.95.1.1
traceroute to 168.95.1.1 (168.95.1.1), 30 hops max, 60 byte packets
 1  hqs253.abc.com.com.tw (192.168.11.253)  0.220 ms  0.321 ms *
 2  10.99.99.95 (10.99.99.95)  10.852 ms  10.816 ms  10.782 ms
 3  27.105.61.145 (27.105.61.145)  5.011 ms  5.375 ms  5.336 ms
 4  61.64.212.37 (61.64.212.37)  8.082 ms  7.299 ms  8.343 ms
 5  61.64.212.177 (61.64.212.177)  6.263 ms  5.612 ms 61.64.213.137 (61.64.213.137)  6.549 ms
 6  tw5-ro0.as134522.net (113.21.84.113)  6.610 ms  5.591 ms  5.546 ms
 7  17-253-123-103-static.chief.net.tw (103.123.253.17)  5.143 ms  5.101 ms  5.198 ms
 8  LYR.11.chief.net.tw (223.26.66.11)  5.154 ms  4.715 ms  7.418 ms
 9  r4209-s2.hinet.net (203.75.228.194)  6.941 ms r4209-s2.hinet.net (203.75.228.6)  6.991 ms r4209-s2.hinet.net (203.75.228.194)  6.953 ms
10  210-59-204-129.HINET-IP.hinet.net (210.59.204.129)  13.497 ms  13.713 ms  12.905 ms
11  dns.hinet.net (168.95.1.1)  4.335 ms !X  6.246 ms !X  6.533 ms !X
chchang@hqdc039:~/git/dsvpn$

as you can see , the routing was not the same with/without DSVPN tunnel.

Is it possible to consider adding a parameter to create a new route according to the parameter setting when DSVPN is started, without affecting the original routing table , just like wireguard do ?

jedisct1 commented 3 years ago

It automatically configures the system so that all the network traffic goes through the VPN. I don't use wireguard, but this is exactly what dsvpn was written for :)

You can compile it with NO_DEFAULT_ROUTES defined in order to have it not configure anything:

env CC="-DNO_DEFAULT_ROUTES" make
changchichung commented 3 years ago

You can compile it with NO_DEFAULT_ROUTES defined in order to have it not configure anything

will do , thanks !