On Mon, Sep 28, 2020 at 5:18 pm, Chuck Anderson <cra@xxxxxxxxxxxx>
wrote:
I think the VPN plugin and VPN server has some input, no? All the VPN
servers I've used send routes to the VPN client to determine which
traffic the client should send via the VPN. How does that interact
with "use this connection only for resources on its network"? Does
the user preference take precendence over the VPN server-provided
routes? What if the VPN server doesn't send any route other than
0.0.0.0/0?
Good question! So good that I don't know the answer. Yes, the VPN
plugin indeed gets to make decision based on configuration pushed by
the VPN server. The NetworkManager developers are experts in how these
settings interact. I *think* the routes provided by the VPN take
precedence over the checkbox (but only for routing, not for DNS)? But
this would certainly be good to document and explore more fully.
This is actually at issue in
https://bugzilla.redhat.com/show_bug.cgi?id=1863041 where we currently
wind up doing the wrong thing by default. See e.g. comment #81 where
the VPN plugin is constructing routing information to pass to
NetworkManager.
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
