OpenVpn client creates route to server using P2P server address
OpenVpn client on pfSense, shared key, tun.
After 2 years of perfectly working VPN links suddenly yesterday all went black. 100% packet loss. Impossible reconnection.
Debugging OpenVpn i started seeing Recursive routing errors... which made no sense at all, we use no recursion (not considering nothing has changed at all on both sides...)
Checking the routing table of pfsense i finally spotted the problem: psSense has now a route to reach the two servers using each openvpn link itself! This makes no sense at all to me. Tried to restart but such routes are appearing at each reboot.
This explains to me at least why the errors and why no traffic can pass over the vpn, dropped or not by openvpn doesn't change the result for obvious reasons.
Point is, why is pfSense doing so? What is instructing it to set up a route in such absurd way?
I'll leave to others the mistery of why now and not before, but that's another story.