[eduVPN-deploy] eduVPN client routing table behaviour on MacOS

Louis Twomey louis.twomey at heanet.ie
Wed Jul 8 17:48:13 CEST 2020 

Hi Peter,
Yes, the user has 1.1.1.1 defined as their resolver on their home network, but I don’t know why the Google resolver (8.8.8.8) ended up in the table.

There are many more host entries in the routing table too, for multiple different Azure, Google, Akamai, etc., IP addresses. Each host entry has flags of either UHW3I or UHWIi.

I’m assuming that the host entries are added because the default route is “ambiguous” (unlike in the older eduVPN client where the more specific catch-all routes of 0/1 and 128.0/1 are created and are matched before the default), but that’s just a guess and I’d like to understand properly why the behaviour is so different between the two versions of eduVPN client.

Regards,
Louis
-------
Louis Twomey
Technical Architect
PGP key: C77D9256
HEAnet CLG, Ireland’s National Education and Research Network
1st Floor, 5 George’s Dock, IFSC, Dublin D01 X8N7, Ireland
+353 (0)1 6609040   louis.twomey at heanet.ie<mailto:louis.twomey at heanet.ie>  www.heanet.ie<http://www.heanet.ie>
Registered in Ireland, No. 275301.  CRA No. 20036270



On 8 Jul 2020, at 15:43, Peter Macfarlane <peter at ska.ac.za<mailto:peter at ska.ac.za>> wrote:

CAUTION[External]: This email originated from outside of the organisation. Do not click on links or open the attachments unless you recognise the sender and know the content is safe.


Hi Louis

Internet:
Destination        Gateway            Flags        Netif Expire
default            link#18            UCS          utun2
default            192.168.0.1        UGScI          en0
1.1.1.1            link#18            UHW3I        utun2      2
1.2.3.4            link#18            UHW3I        utun2      1
8.8.8.8            link#18            UHW3I        utun2      3
13.88.28.53        link#18            UHWIi        utun2
40.126.1.143       link#18            UHWIi        utun2

Several of those if not all of those addresses look like Dns server
addresses so perhaps there is some special rule which adds specific
routes to those , it is a very interesting set of dns servers however
;)

Cheers Peter

--
Peter Macfarlane
South African Radio Astronomy Observatory (SARAO)
Tel Direct: +27 21 506 7370
Tel Switchboard: +27 21 506 7300
Mobile: +27 82 925-5353
Email: Peter at ska.ac.za<mailto:Peter at ska.ac.za>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://list.surfnet.nl/pipermail/eduvpn-deploy/attachments/20200708/c6d8164a/attachment.html>

More information about the eduVPN-deploy mailing list