[clug] routing advice needed
kim.holburn at anu.edu.au
Wed Dec 3 09:34:59 GMT 2003
At 8:25 PM +1100 2003/12/03, Michael Manning wrote:
>I don't understand why you would want to route a packet destined for
>your VPN back out to the internet. Most times you would not be
>using internet routable IP's in your VPN subnet anyway (unless you
>had one real IP that was owned by the VPN server). Wouldn't you want
>the packet addressed to the VPN (220.127.116.11/24) to be routed somewhere
>in the VPN subnet?
All the IPs here are "real". I want one internal subnet to connect
to the remote subnet through the VPN as a peer and the other to see
the remote subnet from the outside. It's not that unusual is it?
>Are you trying to establish some sort of VPN (using GRE IP
>tunneling?) that is using a real world IP?
Yes. (only not GRE)
>I am may be a little confused as to the outcomes you are trying
>achieve. Could you elaborate a bit?
>On Wed, 2003-12-03 at 20:02, Kim Holburn wrote:
>>For you router guys out there I need some advice.
>>I have a machine with 3 interfaces.
>>eth0 -> 18.104.22.168/26 -> 22.214.171.124 -> internet
>>eth1 -> 126.96.36.199/24 -> 188.8.131.52/24
>> -> 184.108.40.206 -> VPN to 220.127.116.11/24
>>eth2 -> 18.104.22.168/24 -> internal net
>>default route is -> eth0 22.214.171.124
>>if I have a packet from eth2 to the special subnet 126.96.36.199/24 I
>>want to it to go via a gateway on eth1 188.8.131.52 (say a VPN) but
>>if I have a packet from eth1 to 184.108.40.206/24 I want it to go via the
>>default route (eth0).
>>I use the command:
>>ip route 220.127.116.11/24 via 18.104.22.168 from 22.214.171.124/24
>>but what I get is the same as if I ran:
>>ip route 126.96.36.199/24 via 188.8.131.52
>>Anyone have an idea how to do that?
>Red Hat Certified Engineer
>Email: michael at catman.homelinux.org
Network Consultant - Telecommunications Engineering
Research School of Information Sciences and Engineering
Australian National University - Ph: +61 2 61258620 M: +61 0417820641
Email: kim.holburn at anu.edu.au - PGP Public Key on request
Life is complex - It has real and imaginary parts.
Andrea Leistra (rec.arts.sf.written.Robert-jordan)
More information about the linux