Default route via VPN while keeping LAN & services available

OpenVPN is working great and all, but I was having trouble getting my other LAN hosts to connect to the OpenVPN client system (a Raspberry Pi) while also keeping the services I normally run on it available from the internet. On the remote server, I was using redirect-gateway def1, which works but makes some assumptions about how you intend to use it.

After a lot of frustration and perusal of almost-but-not-quite posts on OpenVPN troubleshooting, I came across an article which didn’t mention OpenVPN but instead discussed how to set default routes for multiple interfaces.

Here’s what I took away. Extra lines in /etc/openvpn/client.conf:

and in multiple_gateways.sh:

One caveat: I haven’t done a ton of testing, and after rebooting my Pi, it didn’t come up cleanly, so a down.sh script may be needed to tear down the extra config when OpenVPN disconnects. That being said, I have services available from the internet, connections from the LAN to the Pi working, and the default route for outgoing connections still going over the VPN.

Tunnelblick disconnect fails to remove route

Tunnelblick is an awesome OpenVPN client, which I have been using a lot lately on my Mac. I had a problem where it would connect the first time just fine, but then would never reconnect; it would seem to hang while trying to handshake with the server. I could get it to work again if I rebooted my machine, but that’s powerfully inconvenient.

TL;DR temporary fix:
On disconnect, Tunnelblick fails to remove a static route it used while active. I created a script that I run after disconnecting which drops the static route. It basically just does this:

The 192 address makes an assumption that you didn’t customize that part of the config, so YMMV.

Google Now Needlessly Requires Battery-Draining Location Settings

location based cardsI think Google Now on my Android is pretty cool. I especially like the cards that show how traffic looks for an expected commute. One thing about it that bothers me a lot however, is that it insists that it needs either “high accuracy” or “battery saving” location mode enabled. High Accuracy mode uses GPS, wifi, or mobile networks to determine location. Battery Saving mode uses wifi and mobile networks. Device Only is the third option which uses GPS solely. My question is: Why is the Device Only option not allowed for Google Now to work? Continue reading “Google Now Needlessly Requires Battery-Draining Location Settings”