I have a linux box with 2 IP addresses on it 126.96.36.199 on eth0 and
10.90.90.90 on dummy0. 10.90.90.0/24 is VPN tunnelled to reach
188.8.131.52 (not in private address space, I know).
If I make a request to 184.108.40.206 where there source address is given
as 10.90.90.90 all works well - traffic is routed over the VPN, I can
connect to server at other end. Manually specifying the source
address is however a pain (e.g. can't do it out of the box in
If I make a request to 220.127.116.11 without specifying a source address
the box tries to route it via the default internet gateway as opposed
to the VPN. 18.104.22.168 is only available via the VPN.
So uncomfortable as it made me I tried to add a route for 22.214.171.124
ip route add 126.96.36.199 dev dummy0
ip route add 188.8.131.52 dev dummy0 src 10.90.90.90
Now if I make a request to 184.108.40.206 without specifying a source
address I can see VPN traffic and SYN/ACKs from 220.127.116.11 over and
over again but no connection. So no joy there.
I'm guessing the overall issue is to do with the fact that the VPN
does not appear as route. I think when a packet matches the setkey
spec the VPN will grab it, otherwise no. The VPN set-up is pretty
much dictated to me from the guys on the other side.
Anyone any ideas/pointers on how to do this?
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!