Tuesday, November 22, 2016


Up around 8am, excited to explore Delhi but a little trepidation was settling in as well.  Went to the breakfast at the buffet.  Still not sure how careful I need to be here in India nor here in the Taj.  I skipped the exotic cut up fruit.  I also skipped the continental and English breakfast options.  Had another plate of tasty things.  Idli sambar and several other items.  An Aloo (potato) paratha was made to order.  I also got my first taste of local chai.  It was fine, not sweetened though, which I did expect.  I had heard that this was for the westerners but my driver later told me there is a problem with diabetes developing in the population and there is a movement to remove sweets where possible.

Explored the hotel a bit, there is a pool but it looks unused.  Some nice grounds, beautiful lobby, store with various gorgeous arts and crafts.  The ATM was working this morning though it would only dispense a single 2000 rupee bill.  I changed some money at the front desk, they would only change one 2000 into 100s.  

Back up stairs to get ready to go.  I packed my squared westerner travel kit of antiseptic wipes, wound care, pepto and immodium into an old travel bag.   My neighbor had recommended some mosquito spray that was 95% deet.  It didn’t smell nearly as bad as I thought as I dosed myself.  Grabbed a bottle of water and headed out to explore.

Still unsure where to go and feeling a little daunted by exploring on my own this morning.  My original plan was to walk from the Taj to the India gate (about a mile).  I had heard stories of being mobbed by beggars the second you stepped out of your hotel though and wasn’t sure how I would cope so I am having second thoughts on that idea.  I was originally going to skip Connaught place as I thought it would be that same metropolitan square that you can find from Seattle to New York to London to Amsterdam to St. Petersburg.  This morning, that seems like a good way to dip my toe into Delhi.  All the locals seemed shocked that I wasn’t hiring a taxi to take me around for the day.  I didn’t want to do that as I thought I would want to walk and wander and wasn’t sure how I would get the guy to pick me up at the end of my wanders.  Uber seemed like a better idea, I could call them from wherever I was.  Also, all payment is done on the card so I didn’t have to worry about currency.  That said, I did have to wonder if the locals knew something I didn't.

Uber was only a few minutes away.  I got into the very basic, Tata car and we were on our way.  Taking the car out from the Taj, we drove through the park that runs from the India Gate to the parliament buildings.  I was glad I didn’t walk.  10am on a Saturday, there were only (what seemed like) indigent or homeless people on the street and in the parks.

Connaught Place is not what I expected.  It was not nearly as metropolitan as I had in my head.  It is still very much India.  Crowded and dirty and chaotic.  There were a few recognizable stores, I did see a Starbucks but it wasn’t the shopping mall I had expected.  Still not entirely comfortable, I wandered one way and stumbled into a bit of a homeless camp so turned back.  Heading the other way, I saw several hundred people queuing for the bank.   Behind them was the metro line so I decided tackling the public transport would be my next step.

Heading down into the metro, I still wasn’t travelling well.  Having gone through 90s style airport security to get into the metro, I wanted to buy a 24 hour travel card.  The guy at the first window said something harsh and gesticulated toward the other side of the hall.  I headed over there and tried the other window.  The card cost 150 rupees.  I tried to pay with my 2000 rupee note and he was having none of it.  I tried to pay with my card but couldn’t get the machine to work.  First it was not taking the numbers and then I mistook which card I was using and gave the wrong pin.  He got mad at me as a queue started to build up, ‘Why so fast on the numbers!?’.  As the machine noted ‘last chance pin’ I decided to cut my losses and dug 200 rupees out of my pocket.  Hehe, that didn’t go very well.

Subway was fine.  I was on the yellow line so decided to head down to Dilli Haat.   I came down the escalator just as the train pulled up.  I got into the queue behind some lady and waited as people poured out of the train.  It was crowded but not overwhelmingly so.  I was filing into the car when I heard an, ‘Excuse me’.  When I turned a young woman noted, ‘Sir, this is the ladies carriage’.  Doh!, ‘Sorry, thank you’ and barely stopped myself from reaching out to touch her arm in thanks.  Dammit Beavis, pay attention.

The next train was just a few minutes later, got onto the correct carriage this time.  It was more crowded here but still not terrible.  I realized I hadn’t seen anybody I could distinguish as being non-Indian since I left the Taj.  No white, far eastern or black people as far as the eye could see.

One nice thing about travelling by metro, especially one with armed guards at the entrance, is that I could explore out from there and know a way back to a safe place.  I came out at Dilli Haat station.  Well, that wasn’t so simple either.  After holding my card to the reader, it wouldn’t let me out.  I tried another reader, still no dice.  I was about to go looking for help when I realized I was trying to get out w/ my hotel card.  FFS dude, get your sh*t together.

After a quick wander, I found my way to the market.  Sign on the wall says 100 rupees for foreigners.  I paid up and got a ticket that says it cost 60 rupees, more of that loose relationship with numbers.  As I wandered inside, it was still mostly closed.  Several shops were open or opening but no shoppers yet.  I wandered through, easily ignoring several of the merchants’ calls.  I understand Dilli Haat is an artist’s market where most of the stalls rotate every 15 days.  There were some beautiful scarves, probably 75% of the market was selling pashmina scarves.  Not sure of the value and know that they know that I wouldn’t know the value. I heard there is a state shop w/ no haggling, I will probably hit that later.

The pollution is omnipresent.  There is a haze over everything and I can taste it on my lips. 

At the back of the market were a few food sellers.  I thought to stop for a drink.  Looking behind the boy at the counter, the thing in bottles was Coke.  So, like an American commercial, I settled down in to watch the market open w/ a Coke in hand.  It was actually a nice chance to gather myself and turned out to be a turning point in the day.

Now, I realize that my trepidation and missteps above probably sound pretty negative.  I don’t really mean it to.  Somehow, most of the things I can articulate about India sound negative.  But as I went through the rest of the day, I started to find how they come together to something wonderful.

After a quick rest to gather myself, I started back out of the market.  I saw more evidence of the lack of theft here.  Several of the stalls were still closed.  It looked to me, like their wares were still in the shops, protected only by a plastic tarp.  It would seem it was that way all night.  I also saw the first of many public water fountains.  There seems to be a lot of free, public water.  Now, I am not ready to drink it, but I am impressed at how available it is.

Heading out of the market, I saw my first white guy!  Some obvious tourist, I would guess German, taking photos w/ a telephoto lens.  I ended up not making contact but it made me wonder if I should stop by a hostel and pick up some travel companions.

Feeling a bit more comfortable, I decided that the refuge of the metro gave me the courage to try Chandni Chowk.  This was supposed to be a super chaotic market near the Red Fort and a spice market.  I thought both or either may be worth seeing.  There were two ways out of the metro, one down a covered corridor, where most people were going, and one through a park.  I took the path less travelled (a relative thing, here) and headed out towards the park.  It was nearly noon by now and I saw a curious mix of homeless sleeping in the park and families with children picnicking and playing.   There were huge piles of garbage around garbage bins and some guy jumping up and down on top of an already very full wagon of garbage, trying to compact it further.  When the park and the corridor diverged, I decided to jump back in with the people, presuming we were all going to more or less the same place. 

Stopping to try to get a picture of some impressive temple, I saw two women trying to look something up on a map.  They were accosted by people trying to help them find something and quickly packed it up.  When they passed, I asked them if they were looking up the Red Fort.  Turns out they were so we hooked up and I found my travel companions for the day. 

Sheena, an international school teacher from Ireland, teaching in Kuala Lumpur and (… gawd, I am bad with names, we’ll go with) Carol, an international school teacher from Minnesota, teaching in Thailand, had met teaching in Korea and were in town for a friend’s wedding.  They were happy to have a guy w/ them and I was happy to have a second (and third) pair of eyes with me.  We had more or less the same goal of wandering and looking at interesting things.  We thought we were wandering towards the Red Fort as we made our way through the traffic and crowds.  The bike taxis were very insistent here.  After one guy followed us for some time offering a ride for 10 rupees each, I finally told him that “the last guy offered a better deal and we didn’t take that one either”.  That seemed really effective and he disappeared. 

Looking to my right at an impressive statue of Gandhi and large building which turns out to be Town Hall.  I didn’t realize I was approaching some sort of event.  There was a table on the sidewalk with several people sitting on one side facing the street.  On the street maybe 100 people had gathered to listen to what these guys and ladies were saying.  They had loud speakers set up and a big banner behind them with the Town Hall as their backdrop.  That was all fine.  The strange thing was that, as it was on the street, some set of sidewalk traffic just walked right behind them while they yelled into the microphone.  I think it was a political demonstration or debate as the speaker seemed angry and animated.  I hope they aren’t saying, ‘Let’s lynch the next white guy that walks by’.  B)

We realized we weren’t on the path towards Red Fort, that seemed to be a train station that we were heading to.  So, change of plan, from here we started to head towards Gadodia markets.  This was a fascinating area and all I thought Delhi would be.  It was a chaotic warren of sights, smells and sounds.  A wonderful assault on the senses.  Writing my notes later, I realized I wasn’t sure of the order of several of these impressions, it was all a jumble of sensation.

The spice market itself was the most intense as the spices permeated the air.  Everybody, not just the tourists, was coughing their way through the alleys full of spices, nuts and pulses.  Colorful bags of turmeric, chili, coriander, mango, pepper and others lined the streets.  I almost bought a bag of spice for about $2 when I realized that 500g of turmeric would last more than a lifetime.

I should have bought when I first saw things.  I regret not purchasing black and pink salt crystals that were bigger than golf balls.  I assumed I would see them again later in the market but never did. 

There were several cows around the streets and market, including some that were decorated in what I took to be ceremonial markings.  Ducking down one particularly grimy side warren, we found, as Sheena put it, “a very handsome goat” and a fresh grocer market with piles and piles of potatoes and various greens.

There were several of these warrens, narrow alleys that led away from the road into mazes of varied goods.  We wandered through a couple fabric warrens.  Down the narrow paths were dogs and scooters and workers carrying lumber on their shoulders and huge bundles of fabric on heads, all capped by a tangle of spliced and respliced electric lines overhead.   Down one of these alleys, I saw a male kurta.  This is the male dress for formal occasions.  Since I am going to a wedding later in the trip, I decided to reach out to one of my coworkers here to see if I should get one.  She came back a bit later with an affirmative but I had wandered on by this point.  I kept my eye out for the next couple days but nobody else seemed to sell male ones.

Through all of this, there were small doorways.  Looking through you could see various temples that stood as oases of calm, set apart from the chaos.  To enter you had to remove your shoes.  I was in hiking boots and that seemed like too much of a fee for me.  The girls tried to go in but one was wearing shorts so she was denied as a floozy.

We got to an intersection in Gadodia market and decided to head down Lalkuan Bazar Road, heading towards the metro.  This road is a bizarre road in that they are selling every manner of thing.  It also seems to be a busy road as dogs, bikes, scooters, cars trucks, tuktuks, children and ourselves all wove our way together and in opposite directions to form a strangely effective pattern in the cacophony of varied purpose.  

We passed more spice, food and fabric shops but also a district of shops that were kitchen supply, espresso makers and mixers and other industrial kitchen goods.  Then we came into the home depot section where there were latches and tools and lumber.  Interspersed were mini factories doing some sort of water cooled metal cutting or shaping.  Striking was the small children one pair couldn’t have been more than 5 and 3 years old.  Weaving through the bikes and cars with the rest of us.  This was a hugely stimulating area and exactly what I wanted from Delhi. 

We finally made it to the metro station and decided to try to find the state market I had heard of.  We picked a stop a few blocks away and decided we would walk towards it.  As we headed down the street we saw another huge queue in front of a bank.  These are common enough now not to mention.  This one though, started to look like a riot was going to form.  They were chanting and started waving their fists.  We decided it was probably best to wander on rather than watch this develop.

Our path towards the markets took us by a beautiful mosque Gurudwara Bangla Sahib.  Not on our radar but so impressive we had to wander around it for a while.  Lots of marble and great inlay work.  This was also a no shoes area, complete with a ‘shoe check’ area where you could leave your shoes.

We couldn’t find the shops but a quick consultation with google later found that they were a bit further down the direction we were going and we quickly found them.  The idea here was each state in India had a government run store in a mall/market that had fixed prices.  Since I had no idea what something was worth, that seemed like a fair deal to me.  And overall it was.  I am sure we overpaid but probably not much more than I would have trying to bargain w/ no idea of guideline costs.  If I had more time, I would suggest going to the market to get an idea and then trying your luck in the more varied markets.  After some shopping and a cafeteria lunch (that was still excellent) it was time to say goodbye to my travel companions as we went our separate ways.

As I wandered a bit past the market, looking for a reasonable place to call an uber, I realized that I was in Connaught Place, at exactly the area I had turned back from earlier in the day as I thought I was entering a homeless encampment.  Now I am wandering through the same area, laden with shopping bags, an obvious mark.  But I wasn’t really concerned. I guess I learned a bit more about the city and where I could fit and how to manage the city.  I juggled my bags as I dodged traffic looking around for my uber.  It took a while as the guy had gotten out of his car and was wandering around looking for me, while I wandered looking for his car. 

I arrived back at my hotel room and realized I was still just buzzing with excitement.  What a day!  It took several hours to calm down.

I wandered the hotel a bit to see what they had for offer and was suggested, by the nice lady who kicked me out of an upstairs members lounge, that Varq was a good place to eat.  This is an upscale modern Indian restaurant.  The dishes were beautifully presented and absolutely delicious.  Another great treat on an excellent travel day.


Monday, November 21, 2016

It has been a long time since I wrote a blog post but an adventure to India seems like a good reason to start again.

I flew direct from London Heathrow to New Delhi.  This left from Heathrow Terminal 4 which was a bit light on food options at 7am on a Friday.  I checked in at the Air India lounge.  I don’t often fly business class and was thinking there may be a nice, premium lounge but it was actually quite basic.  Just a counter with some small bits of food, 4 or 5 bottles of booze as a bar and a few types of juice sitting on a second counter.  The BA and even the United/Delta basic lounges are much nicer.  That said, there was a good ball of something Indian that I ate there.  My knowledge of Indian food names is terrible.  Spoiler alert: This entire trip is me eating tasty Indian things that I don’t know what they are called.

I headed out of the Air India lounge in search of a reasonable breakfast.  I walked the length of the terminal and found a Lebanese place.  A strange start to my Indian adventure but a nice breakfast.  Sadly, health isn't great at home.  Now my elder boy is also sick.  Tough week for me to be away.

Air India Business class was also not as luxurious as I hoped.  I settled in on the stained, spotted seats as the stewardess walked around spraying what I took to be Indian Febreze on the unoccupied seats.  A chemically ‘fresh’ scent permeated the air for a few minutes.  It either faded or I started filtering it out.  

The entertainment options were disappointing.  The screen was nice and large but there was a strange collection of movies.  It would have seemed fine 10 years ago but given the options on other carriers, it was very sparse.  Maybe a dozen ‘recentish’ releases and another two-dozen random ‘classic’ movies (from Breakfast at Tiffany’s to Rebel Without a Cause to A-Team to Avatar).

The food was actually excellent.  No idea what it was, but very tasty Indian food.  I have been going vegetarian for this trip.  It is easy in India as the veg options are plentiful and filling.

The flight was otherwise uneventful.  Landed at Delhi a bit late around 22:45.  It looked like the airport was mostly shutting down.  There were more staff than passengers as I walked through the terminal.  It seems like they had at least two people to do every job that needed doing, and sometimes 5 or 6.  I guess this is an oversupply of labor?  Maybe they need more management oversight.  I assume they were being paid but far more were sitting and hanging out than actually working.

As I came to the baggage area, I saw a currency exchange spot with (what looked to my naïve eyes like) a huge queue.  There were two lines, probably 20 people ahead of me in my line.  I decided to  jump in one of them before the rest of my plane got here.  I wasn’t sure how long my bags would take but I was guessing it wouldn’t be too quick.

There is a major currency crisis going on in India.  At the beginning of November, the government announced that as of the end of the year, they would no longer accept 500 or 1000 rupee notes.  According to one of the guys in the currency line, 86% of the money in circulation was in these notes.  Not sure whether that is in value or volume.  The stated (and possible real) reason for this is to get the ‘dark money’ into circulation.  Several people have noted that there is a largely cash economy with people living outside of the tax system.  People would also stock money ‘in the mattress’ in these bills.  I would guess getting the money out of people’s mattresses and into the banking system (for the banks to leverage) must be at least as important as the taxes.  The move makes sense but it is causing a lot of pain right now.  Apparently, you can only exchange 4000INR per day (you can deposit the rest in your bank account, if you have or create one).  From the ATMs, you can only withdraw 2000 INR / day (or possibly per week, I heard conflicting reports).  One problem there is that the new 2000 INR notes are a different size and not all ATMs can manage them.  A second problem is that the ATMs that can manage the notes only spits out a single 2000 rupee note.  If you try to buy something less than about 1500 rupee, most sellers will refuse because they don’t have the change.  Even at the Taj Mahal Hotel, the ATM would only give 2000 rupees and it was empty when I got there.  They had refilled it the next day.  The front desk was willing to break it but only a single 2000 note into 100s, they weren’t able to get enough change either.


It is driving a move away from cash, to either plastic or other payment styles.  I saw PayTM accepted in some unlikely looking spots which seems to be a point to point payment system on your smartphone.  It is also driving the adoption of Uber and a local version Ola, which allows you to pay electronically.  This is fine for some section of the population but I understand that a large group of the people are operating by cash.  So if you are a small business, you aren’t able to pay your employees.  They aren’t able to buy food, etc.  It looks to be mass chaos.  While wandering around over the next few days, every time I saw a huge queue, it was for a bank or ATM.  I saw riot chants start at one bank and a physical fight with policemen at another bank.

Anyway, back to my line at the airport.  The line was moving really slowly.  As 5 mins became 30, I started to worry about my bag on the carousel, but I was too far in to abandon my spot in line.  It became apparent that they were only exchanging 100$ per passport and that they had to take all the passport details down for each transaction.  It was also slow as each person in line had a bit of an argument about how much would be accepted and how long the wait was or something else.  Eventually, when I was about 3 people back, they announced a 30 minute break.  I had assumed the break would be a bathroom break or similar but instead, they went into their drawer, dumped all the exchanged currency onto a chair and started sorting and counting it.  Myself and one guy in line, who turned out to be a banking consultant had several suggestions for improvements on this process, we should write Thomas Cook.  Counting took a long time, so we started to get to know each other in line.  The lady behind me was in India on a buying trip for her small clothing business.  She was from Australia, heading to Jaipur.  The trip was as much for the business of buying items and keeping relationships with distributors as it was content for her social media presence!  She has to constantly feed the social media stream to keep her brand presence.  She kindly agreed to watch my bags while I sprinted over to the carousel and got it just as they started loading the abandoned bags onto a cart.

The 30 minute break became 60 mins as the pile of counted and sorted money grew.  There was seriously a lot of cash there.  They piled it up on the counter.  Casually within reach of the public.  There seems to be very little theft here.  The clothing lady had a friend in one of the other queues and she noted there were 35 people in front of her so we thought it best to wait it out.  Eventually, we got going again.  I had GBP so I could only exchange 60 GBP which was around 4780INR.  I would think the 100 dollars is much closer to 80GBP right now but there was little point in arguing.  That got ‘service charged’ to 4500, mostly because I think it was simpler to count.  I am starting to see a loose connection to numbers here.  30 becomes 60, 100 become 60, 4700 becomes 4500.  Later I would see that, although some registers calculate the cents on the rupee, they are rounded up, nobody bothers with anything less than a rupee.  It is often rounded to 10, 50 or 100 as well.
 
Finally found my poor driver.  I don’t think his English is strong.  I noted it was the currency issue and he seemed to get that.  As we got going I could smell and see the haze of pollution in and around the city.  Exploring the next day, I could taste it on my lips.


The Taj was beautiful, of course.  Service was impeccable as I settled in.  Definitely not India prices.  They wanted 20GBP for a nightcap.  I’ll find another way to wind down, thanks.  Managed to get to sleep around 3am, off to explore tomorrow!

Thursday, January 29, 2015

Powershell to gather ILO Version and Firmware details

Here is a quick, useful snippet around using powershell to query ILO version and firmware.

Create a list of ilo names or IPs, one server per line.  Below notated as iloservers.txt

This PowerShell queries each iLO instance for its product name and firmware version.  An interesting sidenote here is that you can get some interesting information from iLO w/ no authentication (really?  In 2015 this is still the case? wtf.)


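foreach ($server in (Get-Content .\iloservers.txt)) {
    # Fresh document per host so a failed load cannot report the previous host's data
    $ilo = New-Object System.Xml.XmlDocument
    try {
        # /xmldata?item=All answers without credentials
        $ilo.Load("http://$server/xmldata?item=All")
        "$server : $($ilo.RIMP.MP.PN) - $($ilo.RIMP.MP.FWRI)"
    } catch {
        "$server : no response ($($_.Exception.Message))"
    }
}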


Monday, October 15, 2012

DD-wrt, openvpn and selectively routing for multiple tunnels


So, as an expat living abroad, I have times when I want to have my traffic appearing as though I am from the US. Most recently, Newegg rejected some purchases I made b/c I am coming from an IP abroad. DD-WRT has the facility to use an openvpn client but I don’t really want to send all my traffic overseas just for the few instances I need to redirect my traffic.

As an American living in the UK, most things are pretty similar but one thing that grates on me is the ‘big brother’ government. Recently, the gov’t tried to push through a snooping bill that would track all internet use. Australia has a similar one in the works.

Now, I am pretty boring but, in principle, I completely disagree with this. So in order to add more encrypted static to the world, I am also planning to route all of my non time critical internet traffic out a local UK vpn.

In some things, like RDP, latency really matters, so I will route those out my local ISP.

Mostly though, this is just b/c I wanted to see if I could do it. B)

Below are some proof of concept steps that I hope will help someone else get up and running. This should work w/ any number of VPNs (or other interfaces) and w/ any linux w/ the right routing in the kernel. (it was there in dd-wrt so I didn't go too much into it, I saw some mention on several of the pages I used that you need certain kernel options).

I got some help on the forums, and these three pages really brought it all together for me.

To start, I have a Netgear WNR3500v2/U/L. Based on the peacock thread, I put in DD-WRT v24-sp2 (08/12/10) mega - build 14929. This has the necessary routing options compiled into the linux kernel to do what I need.

The basic idea is this:
  1. Bring up two VPN tunnels, one to the UK and one to US
  2. Create routing tables to send traffic in that table out the specific gateway
  3. Use iptables to mark packets for specific tables/routing
I am going to do this through a start up script. Getting all of this set up required me to get the ssh daemon running and I recommend the same if you try to do this. You can do this in DD-WRT under Services –> Services –> Secure Shell. 

Once that is set you can ssh to your dd-wrt box. Login with root and your password you use to get into the web console.

For a vpn provider, I am using Private Internet Access. Anybody that gives you an OpenVPN client and allows multiple connections should be fine but you may need to tweak your openVPN.conf files.

The script (in several parts):

First, since we are not configuring the openvpn client through the GUI (I leave Services –> VPN –> OpenVPN client disabled), we need to create our own config files.

Begin by creating the directory to hold your configuration:
mkdir /tmp/openvpncl

Create a file w/ the cert for your vpn provider:
echo "-----BEGIN CERTIFICATE-----
--snip--
-----END CERTIFICATE-----
" >> /tmp/openvpncl/ca.crt

Next, we want to create our configuration files. We do this by echoing a bunch of lines to create a config file. We do this twice, once for each VPN.
#Setup US Tunnel Config
echo client > /tmp/openvpncl/openvpn-US.conf
echo dev tun >> /tmp/openvpncl/openvpn-US.conf
echo proto udp >> /tmp/openvpncl/openvpn-US.conf
echo remote _YourVpnServer_ 1194 >> /tmp/openvpncl/openvpn-US.conf
echo resolv-retry infinite >> /tmp/openvpncl/openvpn-US.conf
echo nobind >> /tmp/openvpncl/openvpn-US.conf
echo persist-key >> /tmp/openvpncl/openvpn-US.conf
echo persist-tun >> /tmp/openvpncl/openvpn-US.conf
echo ca /tmp/openvpncl/ca.crt >> /tmp/openvpncl/openvpn-US.conf
echo tls-client >> /tmp/openvpncl/openvpn-US.conf
echo remote-cert-tls server >> /tmp/openvpncl/openvpn-US.conf
echo auth-user-pass /tmp/password.txt >> /tmp/openvpncl/openvpn-US.conf
echo comp-lzo >> /tmp/openvpncl/openvpn-US.conf
echo verb 1 >> /tmp/openvpncl/openvpn-US.conf
echo reneg-sec 0 >> /tmp/openvpncl/openvpn-US.conf


#Setup UK Tunnel Config
echo client > /tmp/openvpncl/openvpn-UK.conf
echo dev tun >> /tmp/openvpncl/openvpn-UK.conf
echo proto udp >> /tmp/openvpncl/openvpn-UK.conf
echo remote _YourOtherVpnServer_ 1194 >> /tmp/openvpncl/openvpn-UK.conf
echo resolv-retry infinite >> /tmp/openvpncl/openvpn-UK.conf
echo nobind >> /tmp/openvpncl/openvpn-UK.conf
echo persist-key >> /tmp/openvpncl/openvpn-UK.conf
echo persist-tun >> /tmp/openvpncl/openvpn-UK.conf
echo ca /tmp/openvpncl/ca.crt >> /tmp/openvpncl/openvpn-UK.conf
echo tls-client >> /tmp/openvpncl/openvpn-UK.conf
echo remote-cert-tls server >> /tmp/openvpncl/openvpn-UK.conf
echo auth-user-pass /tmp/password.txt >> /tmp/openvpncl/openvpn-UK.conf
echo comp-lzo >> /tmp/openvpncl/openvpn-UK.conf
echo verb 1 >> /tmp/openvpncl/openvpn-UK.conf
echo reneg-sec 0 >> /tmp/openvpncl/openvpn-UK.conf

Note that you will need to replace YourVpnServer and YourOtherVpnServer w/ the details appropriate to your service.  There may be other options to change as well, though, the above is fairly basic and should work w/ most services.

When we bring our tunnels up and down, we will need to tell iptables to MASQUERADE for this connection.  These will be run as scripts so we need to set the execute bit for them.  We create our up and down scripts here:
#Tun0 route up script
echo iptables -A POSTROUTING -t nat -o tun0 -j MASQUERADE > /tmp/openvpncl/route-up-UK.sh
chmod 700 /tmp/openvpncl/route-up-UK.sh
#Tun0 route down script
echo iptables -D POSTROUTING -t nat -o tun0 -j MASQUERADE > /tmp/openvpncl/route-down-UK.sh
chmod 700 /tmp/openvpncl/route-down-UK.sh

#Tun1 route up script
echo iptables -A POSTROUTING -t nat -o tun1 -j MASQUERADE > /tmp/openvpncl/route-up-US.sh
chmod 700 /tmp/openvpncl/route-up-US.sh
#Tun1 route down script
echo iptables -D POSTROUTING -t nat -o tun1 -j MASQUERADE > /tmp/openvpncl/route-down-US.sh
chmod 700 /tmp/openvpncl/route-down-US.sh

Of course, we need a username and password:
#General Config
echo USER > /tmp/password.txt
echo PASSWORD >> /tmp/password.txt
#Keep the credentials readable by root only
chmod 600 /tmp/password.txt

Now we bring up the tunnels.  Note the --route-nopull.  This ignores routing info from the openvpn server.  We want to specify our own routing.  Without that, openvpn seems to set our default traffic to go out the last tunnel brought up.  If you are having any trouble on this step, run the line without --daemon.
#Setup tunnels. 
/usr/bin/killall openvpn
/usr/sbin/openvpn --config /tmp/openvpncl/openvpn-UK.conf --route-nopull --route-up /tmp/openvpncl/route-up-UK.sh --down-pre /tmp/openvpncl/route-down-UK.sh --daemon
/usr/sbin/openvpn --config /tmp/openvpncl/openvpn-US.conf --route-nopull --route-up /tmp/openvpncl/route-up-US.sh --down-pre /tmp/openvpncl/route-down-US.sh --daemon

In order to set up routes, we need to get our default gateways for each interface.  First, though, we hang out for a couple seconds to allow the tunnels to establish:
#The tunnels can take a couple seconds to establish.  Hold for 5 seconds to allow for this
sleep 5

# get gateway addresses
IspGateway=$(ip route list table main | awk '/default/ { print $3}')
Tun0Gateway=$(ip route list table main | awk '/tun0/ { print $1}')
Tun1Gateway=$(ip route list table main | awk '/tun1/ { print $1}')


Now, we have our two tunnels established as tun0 (UK) and tun1 (US).  We also have our default (ppp0) route to our ISP.  Now we start getting fancy.  B) 

We are going to use iptables to MARK our packets.  Here we tell iproute to route any packets marked with a 2 using routing table 2.
# Create fwmark to table bindings
ip rule add fwmark 1 table main # ISP
ip rule add fwmark 2 table 2 # Tunnel 0 UK
ip rule add fwmark 3 table 3 # Tunnel 1 US

You can use 'ip rule show' to see the current ip rules.

Now we set up the routing for each table.  For my setup, I am just giving the default route.
# Create table to tunnel bindings
ip route add default via $Tun0Gateway dev tun0 table 2 #Send out UK Tunnel
ip route add default via $Tun1Gateway dev tun1 table 3 #Send out US Tunnel

You can see the ip routes per table with:
ip route show table 2

Now we are ready to create specific rules.  You will probably have a lot more rules than the below. 
#UK tunnel rules
iptables -A PREROUTING -t mangle -s 192.168.1.0/24 -j MARK --set-mark 2

#US Tunnel rules
ip rule add to 174.129.0.77/32 table 3

#ISP rules
iptables -A PREROUTING -t mangle -p tcp --destination-port 3389 -j MARK --set-mark 1

In order, we first say that anything coming from this specific IP range (192.168.1.0/24) should route out the UK tunnel.
Next we use a different way of doing layer 3 routing w/ ip rule.  I am actually just going to stick to the iptables MARKing for simplicity but I wanted to show this was possible as well.
Finally, we mark a packet based on destination port.  So we are saying any RDP traffic should go out the ISP interface.

That is all there is to it.  Iptables is pretty full featured, you can get pretty crazy w/ it.  Good luck and if you do something fun, please tell me about it.

Notes:
  •  If one of your tunnels goes down, your routing for that tunnel goes away.  Your traffic will start to flow out your default interface.  This may or may not be ideal depending on the sensitivity of what you are passing.  You can manage that with the route down commands if you are concerned.
  • The order your rules apply in matters.  See the ip rule output to see the order.  If you want to 'override' the UK routing, in my example, you will need your rule to have a lower ip rule id than the UK line.
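
One way to handle the first note, as an added example that is not part of the original script: put a high-metric blackhole default in each policy table, so that when the tunnel's own default route disappears the marked traffic is dropped instead of falling through to the main table and out the ISP.  The names add_failclosed, table_state and IP_CMD and the metric 1000 are assumptions, and it assumes the router's ip command supports blackhole routes.

```shell
#!/bin/sh
# Added example: fail-closed policy tables for the tun0 (table 2) and
# tun1 (table 3) setup on this page. Not part of the original script.

# IP_CMD defaults to "echo ip", so the script only prints what it would run.
# Set IP_CMD=ip on the router to actually apply the routes.
IP_CMD="${IP_CMD:-echo ip}"

# Add a blackhole default with a high metric to a policy table.
# While the tunnel default (metric 0) exists it wins; once the tunnel
# drops and that route is removed, the blackhole catches the traffic.
add_failclosed() {
    table="$1"
    $IP_CMD route add blackhole default metric 1000 table "$table"
}

# Classify a policy table from `ip route show table N` output on stdin.
#   tunnel  - a default route out the expected tun device is present
#   blocked - no tunnel default, but a blackhole-type default is present
#   leak    - no default at all, so lookups fall through to main (ISP)
table_state() {
    dev="$1"
    awk -v dev="$dev" '
        $1 == "default" {
            for (i = 2; i < NF; i++)
                if ($i == "dev" && $(i + 1) == dev) tun = 1
        }
        ($1 == "blackhole" || $1 == "unreachable" || $1 == "prohibit") &&
            $2 == "default" { blk = 1 }
        END { print (tun ? "tunnel" : (blk ? "blocked" : "leak")) }
    '
}

# Dry run for the two tables used on this page.
for t in 2 3; do
    add_failclosed "$t"
done

# Constructed sample: table 2 after tun0 has gone down.
printf 'blackhole default metric 1000\n' | table_state tun0
```

On the router, run the add_failclosed lines after the "Create table to tunnel bindings" step, then check with: ip route show table 2 | table_state tun0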

The full script is below:
mkdir /tmp/openvpncl
echo "-----BEGIN CERTIFICATE-----
--snip--
-----END CERTIFICATE-----
" >> /tmp/openvpncl/ca.crt
#Setup US Tunnel Config
echo client > /tmp/openvpncl/openvpn-US.conf
echo dev tun >> /tmp/openvpncl/openvpn-US.conf
echo proto udp >> /tmp/openvpncl/openvpn-US.conf
echo remote _YourVpnServer_ 1194 >> /tmp/openvpncl/openvpn-US.conf
echo resolv-retry infinite >> /tmp/openvpncl/openvpn-US.conf
echo nobind >> /tmp/openvpncl/openvpn-US.conf
echo persist-key >> /tmp/openvpncl/openvpn-US.conf
echo persist-tun >> /tmp/openvpncl/openvpn-US.conf
echo ca /tmp/openvpncl/ca.crt >> /tmp/openvpncl/openvpn-US.conf
echo tls-client >> /tmp/openvpncl/openvpn-US.conf
echo remote-cert-tls server >> /tmp/openvpncl/openvpn-US.conf
echo auth-user-pass /tmp/password.txt >> /tmp/openvpncl/openvpn-US.conf
echo comp-lzo >> /tmp/openvpncl/openvpn-US.conf
echo verb 1 >> /tmp/openvpncl/openvpn-US.conf
echo reneg-sec 0 >> /tmp/openvpncl/openvpn-US.conf


#Setup UK Tunnel Config
echo client > /tmp/openvpncl/openvpn-UK.conf
echo dev tun >> /tmp/openvpncl/openvpn-UK.conf
echo proto udp >> /tmp/openvpncl/openvpn-UK.conf
echo remote _YourOtherVpnServer_ 1194 >> /tmp/openvpncl/openvpn-UK.conf
echo resolv-retry infinite >> /tmp/openvpncl/openvpn-UK.conf
echo nobind >> /tmp/openvpncl/openvpn-UK.conf
echo persist-key >> /tmp/openvpncl/openvpn-UK.conf
echo persist-tun >> /tmp/openvpncl/openvpn-UK.conf
echo ca /tmp/openvpncl/ca.crt >> /tmp/openvpncl/openvpn-UK.conf
echo tls-client >> /tmp/openvpncl/openvpn-UK.conf
echo remote-cert-tls server >> /tmp/openvpncl/openvpn-UK.conf
echo auth-user-pass /tmp/password.txt >> /tmp/openvpncl/openvpn-UK.conf
echo comp-lzo >> /tmp/openvpncl/openvpn-UK.conf
echo verb 1 >> /tmp/openvpncl/openvpn-UK.conf
echo reneg-sec 0 >> /tmp/openvpncl/openvpn-UK.conf

#Tun0 route up script
echo iptables -A POSTROUTING -t nat -o tun0 -j MASQUERADE > /tmp/openvpncl/route-up-UK.sh
chmod 700 /tmp/openvpncl/route-up-UK.sh
#Tun0 route down script
echo iptables -D POSTROUTING -t nat -o tun0 -j MASQUERADE > /tmp/openvpncl/route-down-UK.sh
chmod 700 /tmp/openvpncl/route-down-UK.sh

#Tun1 route up script
echo iptables -A POSTROUTING -t nat -o tun1 -j MASQUERADE > /tmp/openvpncl/route-up-US.sh
chmod 700 /tmp/openvpncl/route-up-US.sh
#Tun1 route down script
echo iptables -D POSTROUTING -t nat -o tun1 -j MASQUERADE > /tmp/openvpncl/route-down-US.sh
chmod 700 /tmp/openvpncl/route-down-US.sh


#General Config
echo USER > /tmp/password.txt
echo PASSWORD >> /tmp/password.txt

#Setup tunnels. 
/usr/bin/killall openvpn
/usr/sbin/openvpn --config /tmp/openvpncl/openvpn-UK.conf --route-nopull --route-up /tmp/openvpncl/route-up-UK.sh --down-pre /tmp/openvpncl/route-down-UK.sh --daemon
/usr/sbin/openvpn --config /tmp/openvpncl/openvpn-US.conf --route-nopull --route-up /tmp/openvpncl/route-up-US.sh --down-pre /tmp/openvpncl/route-down-US.sh --daemon

#The tunnels can take a couple seconds to establish.  Hold for 5 seconds to allow for this
sleep 5

# get gateway addresses
IspGateway=$(ip route list table main | awk '/default/ { print $3}')
Tun0Gateway=$(ip route list table main | awk '/tun0/ { print $1}')
Tun1Gateway=$(ip route list table main | awk '/tun1/ { print $1}')



# Create fwmark to table bindings
ip rule add fwmark 1 table main # ISP
ip rule add fwmark 2 table 2 # Tunnel 0 UK
ip rule add fwmark 3 table 3 # Tunnel 1 US

# Create table to tunnel bindings
ip route add default via $Tun0Gateway dev tun0 table 2 #Send out UK Tunnel
ip route add default via $Tun1Gateway dev tun1 table 3 #Send out US Tunnel


#UK tunnel rules
iptables -A PREROUTING -t mangle -s 192.168.1.0/24 -j MARK --set-mark 2

#US Tunnel rules
ip rule add to 174.129.0.77/32 table 3

#ISP rules
iptables -A PREROUTING -t mangle -p tcp --destination-port 3389 -j MARK --set-mark 1
