I'm trying to cook up PBR with openconnect. But something has gotten me seriously puzzled and I hope you can give me a wee bit 101 here on the subject:

A regular route table entry would look like this:

    Destination        Gateway            Flags     Netif Expire
    0.0.0.0/0          10.36.0.9          UGS       ovpnc1

And the corresponding vpn interface would look like this:

    flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        inet6 fe80::4262:31ff:fe00:c081%ovpnc1 prefixlen 64 scopeid 0x9
        inet 10.36.0.10 --> 10.36.0.9 netmask 0xffffffff
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: tun openvpn

Note there are two distinct IP addresses from the *same* subnet 10.36.0.8/30.

But Openconnect looks like this:

    Destination        Gateway            Flags        Refs      Use   Netif Expire
    default            10.23.167.57       UGSc           61        0   utun2

and the vpn interface like this:

    utun2: flags=8151<UP,POINTOPOINT,RUNNING,PROMISC,MULTICAST> mtu 1340
        inet 10.23.167.57 --> 10.23.167.57 netmask 0xffffffff

Why is the interface address also the gateway? It obviously works but it defies (my) common sense.

When I do a traceroute the "real" gateway reveals itself:

    traceroute to google.be (172.217.13.163), 64 hops max, 52 byte packets
     1  10.65.0.1 (10.65.0.1)  107.129 ms  109.283 ms  107.764 ms

So the question again is why isn't 10.65.0.1 shown as default gateway in the routing table?

Thanks for reading (and replying):

Jeroen