0

May I ask you to help me understand the routing table I have after I initialize a VPN connection and, if I understand it correctly, why I do not have an Internet connection after that?

Here are the participants:

  • 67.52.234.111 is the remote VPN endpoint
  • 10.65.2.1 is the gateway of my network with mask 255.255.255.0

After I establish the VPN connection I have the following routing table:

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 ppp0
0.0.0.0         10.65.2.1       0.0.0.0         UG        0 0          0 enp0s31f6
10.65.2.0       0.0.0.0         255.255.255.0   U         0 0          0 enp0s31f6
10.254.251.1    0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
67.52.234.111   10.65.2.1       255.255.255.255 UGH       0 0          0 enp0s31f6
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 enp0s31f6
172.17.0.0      0.0.0.0         255.255.0.0     U         0 0          0 docker0

Am I getting something wrong?

  • The first row says that everything should go through the ppp0 network interface without using any gateways.
  • The above overrides the second row, which says to route everything through the default gateway 10.65.2.1, and that is why I do not have access to the Internet.
  • The third row says that everything in 10.65.2.0 is a local address, so a gateway is not necessary and you can access resources directly.
  • The 4th row says (not sure about this one because of the 255.255.255.255 netmask) that everything that goes through the ppp0 interface, whose address is 10.254.251.1, is totally isolated in a single-device network or something like this.
  • All traffic that goes through the ppp0 interface is encrypted and forwarded to 67.52.234.111, which is routed through the 10.65.2.1 gateway, and this is the point where the VPN connection goes to the outer world to reach the other VPN endpoint.

And finally, why does the first row exist in this form? I want only specific IP addresses to be routed through the ppp0 interface, not everything.

I am sorry if it seems stupid or if I insult someone's understanding or the topic with a stupid question. I just cannot understand it and cannot find something on the net that explains it easily.

1 Answer

0

PPP is a virtual interface that comes up after the VPN connection is established. The remote end can configure what traffic should go through the VPN tunnel; in your case it is set to send 'all' traffic.

10.254.251.1 is assigned to your PPP interface. Usually a pool is created on the VPN server that will assign a unique IP address to each client that connects to it.

Usually the VPN server will control what traffic will go through the tunnel. If you have access to the VPN server, you can set up something like split tunnel and specify what networks should go through the tunnel, instead of 'all'.
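
The route selection discussed in the question and answer above can be checked with a short script. This is an added example, not part of the original post or answer: it parses the table from the question, applies longest-prefix matching, and compares the full-tunnel table with a split-tunnel variant. Assumptions: ties between equal-length prefixes are broken by table order (this output has no metric column, which is what the kernel actually uses), and 192.168.50.0/24 and 198.51.100.7 are constructed sample values.

```python
import ipaddress

# Routing table from the question (netstat -rn columns), header lines dropped.
TABLE = """\
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 ppp0
0.0.0.0         10.65.2.1       0.0.0.0         UG        0 0          0 enp0s31f6
10.65.2.0       0.0.0.0         255.255.255.0   U         0 0          0 enp0s31f6
10.254.251.1    0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
67.52.234.111   10.65.2.1       255.255.255.255 UGH       0 0          0 enp0s31f6
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 enp0s31f6
172.17.0.0      0.0.0.0         255.255.0.0     U         0 0          0 docker0
"""

def parse(text):
    """Return routes as (network, gateway-or-None, iface) in table order."""
    routes = []
    for line in text.strip().splitlines():
        dest, gw, mask, flags, *_, iface = line.split()
        net = ipaddress.ip_network(f"{dest}/{mask}")
        # The G flag marks a route that uses a gateway; otherwise it is on-link.
        routes.append((net, gw if "G" in flags else None, iface))
    return routes

def egress(routes, addr):
    """Longest-prefix match; equal prefixes fall back to table order (assumption)."""
    ip = ipaddress.ip_address(addr)
    hits = [(-net.prefixlen, i, gw, iface)
            for i, (net, gw, iface) in enumerate(routes) if ip in net]
    if not hits:
        return None
    _, _, gw, iface = min(hits)
    return iface, gw

def split_tunnel(routes, tunnel_nets, tun="ppp0"):
    """Drop the tunnel's default route and send only tunnel_nets through it."""
    kept = [r for r in routes if not (r[0].prefixlen == 0 and r[2] == tun)]
    return kept + [(ipaddress.ip_network(n), None, tun) for n in tunnel_nets]

if __name__ == "__main__":
    full = parse(TABLE)
    split = split_tunnel(full, ["192.168.50.0/24"])  # constructed remote LAN
    for dst in ["198.51.100.7", "67.52.234.111", "10.65.2.50", "192.168.50.9"]:
        print(f"{dst:15} full={egress(full, dst)} split={egress(split, dst)}")
```

In both tables the /32 host route keeps the encrypted traffic to 67.52.234.111 on enp0s31f6, which is what prevents the tunnel from trying to route itself through ppp0.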
