The answer to this question was very helpful for me to understand the routing used with OpenVPN.
But I'm still confused about the tunneling interface (tun0 below), especially in regard to accessing the remote LAN.
Here's the routing table:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.172.1.5      128.0.0.0       UG    0      0        0 tun0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth1
10.172.1.1      10.172.1.5      255.255.255.255 UGH   0      0        0 tun0
10.172.1.5      0.0.0.0         255.255.255.255 UH    0      0        0 tun0
128.0.0.0       10.172.1.5      128.0.0.0       UG    0      0        0 tun0
168.1.6.15      192.168.1.1     255.255.255.255 UGH   0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     1      0        0 eth1
I understand that when using OpenVPN, it first goes to 10.172.1.1, and not 10.172.1.5, because of this unicast rule:
10.172.1.1 10.172.1.5 255.255.255.255 UGH 0 0 0 tun0
Then, since there's no rule for 10.172.1.1, it goes to eth1.
But because eth1 has this unicast rule:
168.1.6.15 192.168.1.1 255.255.255.255 UGH 0 0 0 eth1
It goes out to the other side of the tunnel, at 168.1.6.15.
In the answer to the question mentioned above, it says we could add this rule to access the remote LAN:
10.172.1.0/24 dev tun0 proto kernel scope link src 10.172.1.5
But what does it do to access the remote LAN PCs?
Are they directly available from the tunneling interface (tun0)?
If they are, how does OpenVPN go outside (they are remote)? 'Cause I'm presuming it's not using 168.1.6.15 in this case. Does it?
Thanks for any clarification!
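
Added example, not part of the original post: a longest-prefix-match lookup over the routing table posted above, showing which route, gateway and interface are selected for a destination, with and without the extra 10.172.1.0/24 route. The `lookup` helper and the sample destinations in `__main__` are constructed for illustration, and metric tie-breaking is ignored because no two matching routes here share a prefix length.

```python
import ipaddress

# Routing table from the question: (destination, genmask, gateway, iface)
ROUTES = [
    ("0.0.0.0", "128.0.0.0", "10.172.1.5", "tun0"),
    ("0.0.0.0", "0.0.0.0", "192.168.1.1", "eth1"),
    ("10.172.1.1", "255.255.255.255", "10.172.1.5", "tun0"),
    ("10.172.1.5", "255.255.255.255", "0.0.0.0", "tun0"),
    ("128.0.0.0", "128.0.0.0", "10.172.1.5", "tun0"),
    ("168.1.6.15", "255.255.255.255", "192.168.1.1", "eth1"),
    ("192.168.1.0", "255.255.255.0", "0.0.0.0", "eth1"),
]

# The route quoted in the question: 10.172.1.0/24 dev tun0 (on-link, no gateway)
EXTRA = ("10.172.1.0", "255.255.255.0", "0.0.0.0", "tun0")


def prefix_len(mask):
    """Number of set bits in a dotted-quad netmask."""
    return bin(int(ipaddress.IPv4Address(mask))).count("1")


def lookup(dst, routes=ROUTES):
    """Return (network, gateway or None, iface) of the most specific match."""
    addr = ipaddress.ip_address(dst)
    best = None
    for dest, mask, gw, iface in routes:
        net = ipaddress.ip_network(f"{dest}/{prefix_len(mask)}")
        # Longest prefix wins: a /32 host route beats /24, /1 beats /0.
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, iface)
    if best is None:
        raise LookupError(f"no route to {dst}")
    net, gw, iface = best
    # A gateway of 0.0.0.0 means the destination is on-link (no next hop).
    return str(net), (None if gw == "0.0.0.0" else gw), iface


if __name__ == "__main__":
    # Constructed sample destinations
    for dst in ("168.1.6.15", "10.172.1.1", "8.8.8.8", "200.1.2.3",
                "192.168.1.50", "10.172.1.20"):
        print(f"{dst:14} -> {lookup(dst)}")
    print("with extra route:", lookup("10.172.1.20", ROUTES + [EXTRA]))
```

Only 168.1.6.15 and the local 192.168.1.0/24 network match a route on eth1; every other destination matches one of the two /1 routes or a host route on tun0 before the /0 default on eth1 is considered.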