An OpenVPN client routes 192.168.2.0/24.
root@controller:~# ip route show 192.168.2.0/24 192.168.2.0/24 via 192.168.0.21 dev tun0
When the OpenVPN client is down, IP in the 192.168.2.0/24 network will be cached to go thru the default route instead:
root@controller:~# ip route show cache 192.168.2.42 192.168.2.42 via 10.145.4.4 dev eth0 src 10.145.4.5
When the OpenVPN client is back, the cache needs to be flushed to prevent temporary incorrect routing.
root@controller:~# ip route flush cache
Continue reading “flushing OpenVPN routes to prevent temporary incorrect routing”