routing thru tinc
Loic Dachary
loic at dachary.org
Thu Jul 7 22:13:34 CEST 2011
On 07/07/2011 01:32 PM, Guus Sliepen wrote:
> On Thu, Jul 07, 2011 at 01:09:00PM +0200, Loic Dachary wrote:
>
>
>> I setup tinc on two hosts with IP 192.168.200.102 on the first and IP
>> 192.168.200.101 on the second. And it works. Now I would like to route
>> packets thru 192.168.200.101 from 192.168.200.102 by adding the
>> following route:
>>
>> ip route add 10.10.70.0/24 via 192.168.200.101 dev TINCDEVICE
>>
> Gateway routes do not work as you expect in router mode. The above is
> equivalent to the same command without the via part:
>
> ip route add 10.10.70.0/24 dev TINCDEVICE
>
> You can either use Mode = switch, in which case the gateway route will work as
> you intended, or you can keep using router mode, but then you have to add
> "Subnet = 10.10.70.0/24" to hosts/name_of_second_node, so that tinc will know
> that packets with addresses in that Subnet have to be sent to the second node.
>
>
>> However, when I ping 10.10.70.254 from 192.168.200.102, I see the packet
>> being sent to TINCDEVICE (tcmpdump)
>>
>> 13:04:17.675440 IP 192.168.200.102 > 10.10.70.254: ICMP echo request, id
>> 6201, seq 1, length 64
>>
> You can see in the tcpdump that there is no mention of "192.168.200.101" in
> that packet. The only effect a via statement has is on Ethernet networks, where
> ARP will be used to find which MAC address belongs to the gateway address, and
> then packets will be sent to that MAC address. Still, it went to the right
> interface.
>
>
>> 13:04:17.675467 IP 10.10.70.254 > 192.168.200.102: ICMP net 10.10.70.254
>> unreachable - unknown, length 92
>>
> This is tinc complaining it doesn't know about 10.10.70.254.
>
> I hope this helps.
>
It is crystal clear. Thanks a lot :-)
Cheers
-------------- next part --------------
A non-text attachment was scrubbed...
Name: loic.vcf
Type: text/x-vcard
Size: 327 bytes
Desc: not available
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20110707/3174fb44/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20110707/3174fb44/attachment.pgp>
More information about the tinc
mailing list