0

Fixed with:

/etc/iproute2/rt_tables

    1 tble_eth0

/etc/sysconfig/network-scripts/route-eth0

    104.000.64.0/18 dev eth0 src 104.000.65.38 table tble_eth0
    default via 104.000.64.1 dev eth0 src 104.000.65.38 table tble_eth0

/etc/sysconfig/network-scripts/rule-eth0

    from 104.000.65.38 table tble_eth0


For some reason (I hope you know), after defining gre as the default router, my public IP stopped responding to ping...

I can reach the box from the tunnel, but the public IP is dead, and I want to keep it up...

    [root@do1 ~]# route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    190.999.32.1    0.0.0.0         255.255.255.255 UH    0      0        0 do1
    190.999.33.253  0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
    107.777.40.74   104.000.64.1    255.255.255.255 UGH   0      0        0 eth0
    104.000.64.0    0.0.0.0         255.255.192.0   U     0      0        0 eth0
    0.0.0.0         190.999.32.1    0.0.0.0         UG    0      0        0 do1
    [root@do1 ~]# ifconfig
    do1       Link encap:UNSPEC  HWaddr 00-00-00-00-FF-FF-00-00-00-00-00-00-00-00-00-00
              inet addr:190.999.32.2  P-t-P:190.999.32.1  Mask:255.255.255.255
              UP POINTOPOINT RUNNING NOARP  MTU:1476  Metric:1
              RX packets:817 errors:0 dropped:0 overruns:0 frame:0
              TX packets:761 errors:3 dropped:0 overruns:0 carrier:0
              collisions:3 txqueuelen:0
              RX bytes:45073 (44.0 KiB)  TX bytes:49285 (48.1 KiB)

    eth0      Link encap:Ethernet  HWaddr 04:01:37:F1:DC:01
              inet addr:104.000.65.38  Bcast:104.000.127.255  Mask:255.255.192.0
              inet6 addr: fe80::601:37ff:fef1:dc01/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:5046 errors:0 dropped:0 overruns:0 frame:0
              TX packets:4385 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:506257 (494.3 KiB)  TX bytes:459398 (448.6 KiB)

    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

    [root@do1 ~]#

Basically, I cannot ping 104.000.65.38 from the Internet, but I can reach it from the tunnel...

I have tried several routing rules, but I put this as simple as possible to see if someone may give us some help.

Thank you!

1
  • Sounds like you want to enable 'split tunneling'; google it and see if that's what you're looking for. Commented Jan 4, 2015 at 23:35

1 Answer 1

2

With your current configuration your default gateway is the tunnel itself (do1).

So when you ping 104.000.65.38 from the internet, the packets arrive at eth0 but they return via the do1 tunnel instead.

You will need to do connection marking with iptables and set up a secondary routing table with default gateway 104.000.64.1 so that packets that arrive at eth0 get routed back via eth0 and not via do1.

3
  • Hi, yes, that is what I have been trying with no success... Could you please give me an example? Thank you. Commented Jan 5, 2015 at 14:03
  • I haven't done that on Linux before so I don't have a hands-on example to give you. With a quick search I found the following (that seems to be an easier way to do it even without iptables!) unix.stackexchange.com/questions/4420/… and linux-tips.org/article/71/… Commented Jan 5, 2015 at 14:13
  • 1
    Thank you bro. So, I fixed it by adding this:

    /etc/iproute2/rt_tables
        1 tble_eth0

    /etc/sysconfig/network-scripts/route-eth0
        104.000.64.0/18 dev eth0 src 104.000.65.38 table tble_eth0
        default via 104.000.64.1 dev eth0 src 104.000.65.38 table tble_eth0

    /etc/sysconfig/network-scripts/rule-eth0
        from 104.000.65.38 table tble_eth0

    Commented Jan 6, 2015 at 15:52
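
Why the accepted fix works, as an added example that is not part of the original thread: a small Python model of the kernel's policy-routing lookup (rules in priority order, then longest-prefix match inside the selected table), showing the reply path before and after the `rule-eth0` entry. The function names are hypothetical, and all addresses are constructed documentation ranges standing in for the masked ones in the question.

```python
"""Added example: a minimal model of Linux policy-routing (RPDB) lookup.
All addresses are constructed documentation ranges, not the poster's."""
import ipaddress as ip

def lookup(table, dst):
    """Longest-prefix match inside one routing table; None if no route."""
    hits = [r for r in table if ip.ip_address(dst) in ip.ip_network(r[0])]
    return max(hits, key=lambda r: ip.ip_network(r[0]).prefixlen, default=None)

def route_reply(rules, tables, src, dst):
    """Walk rules in priority order; the first table with a route wins."""
    for _prio, selector, name in sorted(rules):
        if selector != "all" and ip.ip_address(src) not in ip.ip_network(selector):
            continue                      # rule's "from" does not match
        hit = lookup(tables[name], dst)
        if hit:
            return name, hit[1], hit[2]   # (table, gateway, device)
    return None

# Constructed stand-ins: public eth0 address, its gateway, an Internet client
PUBLIC_IP, ETH0_GW, CLIENT = "198.51.100.38", "198.51.100.1", "203.0.113.9"

TABLES = {
    # main table once the tunnel became the default route (as in the question)
    "main": [("198.51.100.0/24", None, "eth0"),
             ("192.0.2.1/32", None, "do1"),
             ("0.0.0.0/0", "192.0.2.1", "do1")],
    # the two lines of route-eth0 from the fix
    "tble_eth0": [("198.51.100.0/24", None, "eth0"),
                  ("0.0.0.0/0", ETH0_GW, "eth0")],
}
BEFORE = [(32766, "all", "main")]
# rule-eth0: "from <public IP> table tble_eth0", evaluated ahead of main (32766)
AFTER = [(32765, PUBLIC_IP + "/32", "tble_eth0")] + BEFORE

if __name__ == "__main__":
    for label, rules in (("before", BEFORE), ("after", AFTER)):
        print(label, route_reply(rules, TABLES, PUBLIC_IP, CLIENT))
```

Traffic sourced from the tunnel address still falls through to `main` and leaves via `do1`, so the tunnel remains the default route for everything except replies from the public address.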
