argh, i didn't use vpn for some days and did not do any intentional changes to my setup regarding VPN. But its broken again. Packages do not get routed through VPN as intended:
root@LEDE:~# service log restart; service openvpn restart
root@LEDE:~# sleep 10; logread -e openvpn
Fri Apr 12 20:14:15 2019 daemon.err openvpn(cyberghost3_de)[6268]: event_wait : Interrupted system call (code=4)
Fri Apr 12 20:14:15 2019 daemon.notice openvpn(cyberghost3_de)[6268]: SIGTERM received, sending exit notification to peer
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[6268]: TCP/UDP: Closing socket
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[6268]: /sbin/route del -net 10.253.200.1 netmask 255.255.255.255
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[6268]: /sbin/route del -net 185.230.127.67 netmask 255.255.255.255
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[6268]: /sbin/route del -net 0.0.0.0 netmask 128.0.0.0
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[6268]: /sbin/route del -net 128.0.0.0 netmask 128.0.0.0
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[6268]: Closing TUN/TAP interface
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[6268]: /sbin/ifconfig tun0 0.0.0.0
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[6268]: SIGTERM[soft,exit-with-notification] received, process exiting
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: OpenVPN 2.4.5 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: library versions: OpenSSL 1.0.2q 20 Nov 2018, LZO 2.10
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: LZO compression initializing
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Control Channel MTU parms [ L:1626 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Data Channel MTU parms [ L:1626 D:1200 EF:126 EB:407 ET:0 EL:3 ]
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Fragmentation MTU parms [ L:1626 D:1300 EF:125 EB:407 ET:1 EL:3 ]
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1574,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1574,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: TCP/UDP: Preserving recently used remote address: [AF_INET]185.230.127.67:443
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: UDP link local: (not bound)
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: UDP link remote: [AF_INET]185.230.127.67:443
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: TLS: Initial packet from [AF_INET]185.230.127.67:443, sid=89c190ff f0be5db8
Fri Apr 12 20:14:18 2019 daemon.warn openvpn(cyberghost3_de)[7171]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: VERIFY OK: depth=1, C=RO, L=Bucharest, O=CyberGhost S.A., CN=CyberGhost Root CA, emailAddress=info@cyberghost.ro
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: VERIFY KU OK
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Validating certificate extended key usage
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: VERIFY EKU OK
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: VERIFY OK: depth=0, C=RO, L=Bucharest, O=CyberGhost S.A., CN=CyberGhost VPN Server Node berlin-s04, emailAddress=info@cyberghost.ro
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Fri Apr 12 20:14:18 2019 daemon.notice openvpn(cyberghost3_de)[7171]: [CyberGhost VPN Server Node berlin-s04] Peer Connection Initiated with [AF_INET]185.230.127.67:443
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: SENT CONTROL [CyberGhost VPN Server Node berlin-s04]: 'PUSH_REQUEST' (status=1)
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: PUSH: Received control message: 'PUSH_REPLY,sndbuf 393216,rcvbuf 393216,comp-lzo no,redirect-gateway def1,dhcp-option DNS 185.93.180.131,dhcp-option DNS 194.187.251.67,dhcp-option DNS 38.132.106.139,route 10.253.200.1,topology net30,ifconfig 10.253.202.126 10.253.202.125,peer-id 15,cipher AES-256-GCM'
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: OPTIONS IMPORT: compression parms modified
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Socket Buffers: R=[163840->327680] S=[163840->327680]
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: OPTIONS IMPORT: --ifconfig/up options modified
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: OPTIONS IMPORT: route options modified
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: OPTIONS IMPORT: peer-id set
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: OPTIONS IMPORT: adjusting link_mtu to 1629
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: OPTIONS IMPORT: data channel crypto options modified
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Data Channel MTU parms [ L:1557 D:1200 EF:57 EB:407 ET:0 EL:3 ]
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: TUN/TAP device tun0 opened
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: TUN/TAP TX queue length set to 100
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Apr 12 20:14:19 2019 daemon.notice openvpn(cyberghost3_de)[7171]: /sbin/ifconfig tun0 10.253.202.126 pointopoint 10.253.202.125 mtu 1500
Fri Apr 12 20:14:25 2019 daemon.notice openvpn(cyberghost3_de)[7171]: /sbin/route add -net 185.230.127.67 netmask 255.255.255.255 gw 192.168.0.254
Fri Apr 12 20:14:25 2019 daemon.notice openvpn(cyberghost3_de)[7171]: /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.253.202.125
Fri Apr 12 20:14:25 2019 daemon.notice openvpn(cyberghost3_de)[7171]: /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.253.202.125
Fri Apr 12 20:14:25 2019 daemon.notice openvpn(cyberghost3_de)[7171]: /sbin/route add -net 10.253.200.1 netmask 255.255.255.255 gw 10.253.202.125
Fri Apr 12 20:14:25 2019 daemon.notice openvpn(cyberghost3_de)[7171]: Initialization Sequence Completed
root@LEDE:~# traceroute 1.1.1.1
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 38 byte packets
1 192.168.0.254 (192.168.0.254) 0.522 ms 0.419 ms 0.412 ms
2 ama63-1-88-188-201-254.fbx.proxad.net (88.188.201.254) 20.411 ms 20.835 ms 19.664 ms
3 213.228.36.190 (213.228.36.190) 21.315 ms 21.882 ms 21.133 ms
4 194.149.165.77 (194.149.165.77) 26.762 ms^C
root@LEDE:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.253.202.125 128.0.0.0 UG 0 0 0 tun0
default 192.168.0.254 0.0.0.0 UG 0 0 0 eth1
10.253.200.1 10.253.202.125 255.255.255.255 UGH 0 0 0 tun0
10.253.202.125 * 255.255.255.255 UH 0 0 0 tun0
128.0.0.0 10.253.202.125 128.0.0.0 UG 0 0 0 tun0
185.230.127.67 192.168.0.254 255.255.255.255 UGH 0 0 0 eth1
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
192.168.1.0 * 255.255.255.0 U 10 0 0 br-lan
any idea what might be wrong ?