Fails to add host route to VPN gateway when connected through WWAN
After connecting to WWAN, my routing table looks like this:
$ ip -6 route show dev wwp0s20f0u3c3
2a02:2121:306:aaa3::/64 proto kernel metric 700 pref medium
default proto static metric 700 pref medium
After activating OpenVPN connection (using the NetworkManager OpenVPN plugin), the default route gets redirected to the tun0
VPN interface. However, no host route to the OpenVPN gateway is added to the wwp0s20f0u3c3
WWAN interface, thus we end up with a catch-22 where the encrypted packets are attempted to be routed inside of the tun0
- and there is a total loss of connectivity.
I'm attaching a combined NM (debug level) and MM (info) level log. I've done some s///g
-ing of private information, but everything in it should be coherent. The OpenVPN gateway is shown in the log as 2001:db8::abcd
(port 1194
).
I believe a possible reason for the issue might be caused that the default route has no next-hop (ModemManager reports it as ::
in output from mmcli --bearer 0
). This makes perfect sense as 3GPP links are point-to-point, however since the modem emulates an Ethernet interface it is also possible to install the route using a next-hop. To that end, the modem does send an ICMPv6 Router Advertisement from a link-local address immediately after the WWAN device is set UP. This I can see in tcpdump
:
19:22:10.384835 IP6 fe80::4e54:99ff:fe45:e5d5 > ff02::1: ICMP6, router advertisement, length 64
However, right afterwards I can see that from the debug log that NM (temporarily) disables IPv6 on the device, which probably removes any route learned from that Router Advertisement:
2018-12-06T19:22:10.385766+0100 sloth.fud.no NetworkManager[2376]: <debug> [1544120530.3857] platform-linux: sysctl: setting '/proc/sys/net/ipv6/conf/wwp0s20f0u3c3/disable_ipv6' to '1' (current value is '0')
Thus we're left with the next-hop-less default route learned from ModemManager. On WiFi I have not had similar problems, presumably because there the default route has a next-hop as it is learned from ICMPv6 Router Advertisements.
Software versions in use are the default ones included in Fedora 22:
ModemManager-1.8.0-4.fc29.x86_64
NetworkManager-1.12.4-2.fc29.x86_64