tinc and routing

Clark Rawlins CRawlins at escient.com
Fri Oct 10 15:41:24 CEST 2003 

I have two internal networks 192.168.9.0/24 and 192.168.0.0/24 each
connected 
to the internet and each connected as a VPN via tinc (device vpn). The
gateways 
are 192.168.9.1 and 192.168.0.1

Attached to the 192.168.9.0/24 network is another network 172.16.1.0/24 via
a 
gateway 192.168.0.1 <==> 172.16.1.1.

On 192.168.0.1 gateway I have routes (route -n) like this:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
x.x.x.152       0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0 	U     0      0        0 eth1
172.16.1.0      192.168.9.1     255.255.255.0   UG    0      0        0 vpn
192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 vpn
0.0.0.0         x.x.x.158       0.0.0.0         UG    0      0        0 eth0

And on 192.168.9.1 route -n like this:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
y.y.y.0         0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.9.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
172.16.1.0      0.0.0.0         255.255.255.0   U     0      0        0 eth2
192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 vpn
0.0.0.0         y.y.y.1         0.0.0.0         UG    0      0        0 eth0

The gateway for 172.16.1.0/24 has a route for 192.168.0.0/16 that points to
the 
192.168.9.1 machine.

I can ping hosts on 172.16.1.0/24 from 192.168.9.1.
I can ping hosts on 192.168.9.0/24 from 172.16.1.0/24.
This tells me that my routes between these two networks 
are correct.

I can ping hosts on 192.168.0.0/24 from 192.168.9.0/24.
I can ping hosts on 192.168.9.0/24 from 192.168.0.0/24.
This tells me that the tinc vpn is working between these two networks.

The problem I am having is that on any host in 172.16.1.0/24 if I
attempt to ping a host on 192.168.0.0/24 the packets get dropped somewhere.
Traceroute shows.

$ tracert 192.168.15.201

Tracing route to 192.168.0.10 over a maximum of 30 hops

  1   <10 ms   <10 ms   <10 ms  172.16.1.1
  2     *        *        *     Request timed out.

This shows that the route to 192.168.0.0/24 is going to the right location
on the local network it just isn't going across the tinc vpn.

I get similar behavior pinging hosts on 172.16.1.0/24 from 192.168.0.0/24.

Does tinc support gateway routing to other networks across its interfaces?

Otherwise it works great and I enjoy using it.

Clark


--
TINC development list, tinc-devel at nl.linux.org
Archive: http://mail.nl.linux.org/tinc-devel/

More information about the Tinc-devel mailing list