From: /dev/rob0 <rob0@gmx.co.uk>
To: netfilter@lists.netfilter.org
Subject: Re: Route packets from an interface to another
Date: Sat, 10 Sep 2005 02:54:40 -0500 [thread overview]
Message-ID: <200509100254.40327.rob0@gmx.co.uk> (raw)
In-Reply-To: <200509092345.40386.rob0@gmx.co.uk>
On Friday 2005-September-09 23:45, I wrote:
Most of the story, but an important part was missing. Apologies to
anyone who is seeing this on both lists.
> Home machine: LAN address 192.168.6.6/24 (no direct external
> interface) Remote machine: x.y.z.112/29
>
> Home openvpn config:
> remote x.y.z.112
> ifconfig x.y.z.116 192.168.6.248
> ifconfig-nowarn
>
> Remote openvpn config:
> remote my.dynamic.dnsname
> ifconfig 192.168.6.248 x.y.z.116
>
> Started both ends of the tunnel. At home:
> # echo 64 tunnel >> /etc/iproute2/rt_tables
> # ip rule add from x.y.z.116 table tunnel
> # ip route add default via 192.168.6.248 table tunnel
> # ip route flush cache
> (These should go in an openvpn --up script.)
Also, at the remote:
# echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
# echo 1 > /proc/sys/net/ipv4/ip_forward
(These might be wanted in an --up script at the other endpoint.)
The first command tells the eth0 interface (substitute the name of
yours) to listen for proxy ARP: hosts other than itself, but for whom
it has an explicit route. http://en.wikipedia.org/wiki/Proxy_ARP
explains better than I can.
Earlier, by accident, I had bound the wrong IP's at each endpoint, so
the system arp(8) cache was still answering for x.y.z.116. In time the
cache timed out, and the tunnel stopped working.
The second command is not needed if you were already using the machine
as a router, which I was, but it occurred to me that you and others
might not be doing that.
--
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
next prev parent reply other threads:[~2005-09-10 7:54 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-09 19:51 Route packets from an interface to another Jonathan
2005-09-09 21:36 ` /dev/rob0
2005-09-09 21:18 ` Jonathan
2005-09-10 4:45 ` /dev/rob0
2005-09-10 7:54 ` /dev/rob0 [this message]
2005-09-12 7:56 ` Jonathan
2005-09-13 1:45 ` /dev/rob0
2005-09-12 13:36 ` Rudi Starcevic
[not found] ` <65aa6af905091114314108597e@mail.gmail.com>
2005-09-11 21:32 ` Fwd: " Edmundo Carmona
2005-09-12 14:39 ` Rudi Starcevic
[not found] ` <65aa6af9050911145833fa12fd@mail.gmail.com>
2005-09-11 21:58 ` Edmundo Carmona
2005-09-12 15:06 ` Fwd: " Rudi Starcevic
[not found] ` <65aa6af9050911151962bc24a2@mail.gmail.com>
2005-09-11 22:20 ` Edmundo Carmona
2005-09-12 15:19 ` Rudi Starcevic
2005-09-11 21:34 ` /dev/rob0
2005-09-12 14:47 ` Rudi Starcevic
2005-09-12 14:51 ` Rudi Starcevic
-- strict thread matches above, loose matches on Subject: below --
2007-09-10 12:18 vinod K D
2007-09-10 15:23 ` Grant Taylor
2005-09-09 19:15 Jonathan
2005-09-09 20:22 ` Edmundo Carmona
2005-09-09 19:32 ` Jonathan
[not found] ` <65aa6af905090913353e0d0150@mail.gmail.com>
2005-09-09 20:35 ` Edmundo Carmona
[not found] ` <1224.83.227.26.235.1126295454.squirrel@webmail.2lug.se>
2005-09-09 21:03 ` Edmundo Carmona
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200509100254.40327.rob0@gmx.co.uk \
--to=rob0@gmx.co.uk \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox