VPN roadwarrior network configuration setup with dhcpcd 6.x

dhcpcd.conf

# We don't care about some DHCP options per default
nooption domain_name_servers, domain_name, domain_search, host_name

# Allow sudo-enabled users to control dhcpcd
controlgroup wheel

ipv6ra_own
noipv4ll
noarp

reboot 0

# These hooks are shipped with dhcpcd and are not necessary
nohook hostname
nohook wpa_supplicant
nohook timezone
nohook lookup-hostname

# VPN network interface
interface vpn
reboot 5
metric 42
option domain_name_servers

# USB smartphone tethering
interface usb0
metric 50
nogateway

# Cabled network interface
interface eth0
option domain_name_servers
metric 100

# Wifi interface
interface wlan0
metric 200
nogateway

# Home Wifi network
ssid myHomeSSID
metric 23
hostname
option domain_name_servers
gateway

# Hotspot that needs login over a portal
ssid HotspotSSID
metric 500
option domain_name_servers
gateway

vpn-hook

#!/bin/bash

VPN_GATEWAY_IPV4=1.2.3.4
VPN_GATEWAY_IPV6=2001:0DB8:2342:cafe::1

if [[ $interface != vpn ]]; then
  if $if_up; then
    case "$reason" in
    BOUND)
      ip r add $VPN_GATEWAY_IPV4 via $new_routers dev $interface
      ;;
    BOUND6)
      ip -6 r add $VPN_GATEWAY_IPV6 via $new_routers dev $interface
      ;;
    ROUTERADVERT)
      if [ -z "$(ip -6 r list exact $VPN_GATEWAY_IPV6)" ]; then
        ra_from_var="ra${ra_count}_from"
        ip -6 r add $VPN_GATEWAY_IPV6 via ${!ra_from_var} dev $interface
      fi
      ;;
    esac
  elif $if_down; then
    ip r del $VPN_GATEWAY_IPV4 dev $interface 2>&1
    ip -6 r del $VPN_GATEWAY_IPV6 dev $interface 2>&1
  fi
fi