I've setup a fresh Ubuntu 16.04 LXC container and followed the split tunneling guide to the letter. The only change I made was to make the vpn user a regular user so I could login to debug. It seems somethings off and it might be the way containers handle the config. This is with OpenVPN working as expected
vpn@vpn:~$ curl ipinfo.io
curl: (6) Could not resolve host: ipinfo.io
vpn@vpn:~$ ip route list
default via 192.168.1.1 dev eth0
10.79.10.5 dev tun0 proto kernel scope link src 10.79.10.6
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.15
vpn@vpn:~$ sudo systemctl status openvpn@openvpn.service -l
[sudo] password for vpn:
● openvpn@openvpn.service - OpenVPN connection to openvpn
Loaded: loaded (/etc/systemd/system/openvpn@openvpn.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2017-03-30 21:51:42 UTC; 47min ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wi...n23ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Process: 185 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/%i.conf -
Main PID: 192 (openvpn)
CGroup: /system.slice/system-openvpn.slice/openvpn@openvpn.service
└─192 /usr/sbin/openvpn --daemon ovpn-openvpn --status /run/openvpn/openvpn.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/openvpn
Mar 30 21:51:42 vpn ovpn-openvpn[192]: TCP/UDP: Preserving recently used remote address: [AF_INET]172.98.67.28:1198
Mar 30 21:51:42 vpn ovpn-openvpn[192]: UDP link local: (not bound)
Mar 30 21:51:42 vpn ovpn-openvpn[192]: UDP link remote: [AF_INET]172.98.67.28:1198
Mar 30 21:51:42 vpn ovpn-openvpn[192]: [f8e8760c821eef8016990283c9244603] Peer Connection Initiated with [AF_INET]172.98.67.28:1198
Mar 30 21:51:43 vpn ovpn-openvpn[192]: TUN/TAP device tun0 opened
Mar 30 21:51:43 vpn ovpn-openvpn[192]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mar 30 21:51:43 vpn ovpn-openvpn[192]: /sbin/ip link set dev tun0 up mtu 1500
Mar 30 21:51:43 vpn ovpn-openvpn[192]: /sbin/ip addr add dev tun0 local 10.79.10.6 peer 10.79.10.5
Mar 30 21:51:43 vpn ovpn-openvpn[192]: /etc/openvpn/iptables.sh tun0 1500 1558 10.79.10.6 10.79.10.5 init
Mar 30 21:51:43 vpn ovpn-openvpn[192]: Initialization Sequence Completed
Any ideas?
vpn@vpn:~$ curl ipinfo.io
curl: (6) Could not resolve host: ipinfo.io
vpn@vpn:~$ ip route list
default via 192.168.1.1 dev eth0
10.79.10.5 dev tun0 proto kernel scope link src 10.79.10.6
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.15
vpn@vpn:~$ sudo systemctl status openvpn@openvpn.service -l
[sudo] password for vpn:
● openvpn@openvpn.service - OpenVPN connection to openvpn
Loaded: loaded (/etc/systemd/system/openvpn@openvpn.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2017-03-30 21:51:42 UTC; 47min ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wi...n23ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Process: 185 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/%i.conf -
Main PID: 192 (openvpn)
CGroup: /system.slice/system-openvpn.slice/openvpn@openvpn.service
└─192 /usr/sbin/openvpn --daemon ovpn-openvpn --status /run/openvpn/openvpn.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/openvpn
Mar 30 21:51:42 vpn ovpn-openvpn[192]: TCP/UDP: Preserving recently used remote address: [AF_INET]172.98.67.28:1198
Mar 30 21:51:42 vpn ovpn-openvpn[192]: UDP link local: (not bound)
Mar 30 21:51:42 vpn ovpn-openvpn[192]: UDP link remote: [AF_INET]172.98.67.28:1198
Mar 30 21:51:42 vpn ovpn-openvpn[192]: [f8e8760c821eef8016990283c9244603] Peer Connection Initiated with [AF_INET]172.98.67.28:1198
Mar 30 21:51:43 vpn ovpn-openvpn[192]: TUN/TAP device tun0 opened
Mar 30 21:51:43 vpn ovpn-openvpn[192]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mar 30 21:51:43 vpn ovpn-openvpn[192]: /sbin/ip link set dev tun0 up mtu 1500
Mar 30 21:51:43 vpn ovpn-openvpn[192]: /sbin/ip addr add dev tun0 local 10.79.10.6 peer 10.79.10.5
Mar 30 21:51:43 vpn ovpn-openvpn[192]: /etc/openvpn/iptables.sh tun0 1500 1558 10.79.10.6 10.79.10.5 init
Mar 30 21:51:43 vpn ovpn-openvpn[192]: Initialization Sequence Completed
Any ideas?