Date: Fri, 26 Apr 2002 21:49:48 +1000 From: Edwin Groothuis <edwin@mavetju.org> To: Ruben de Groot <fbsd-q@bzerk.org> Cc: freebsd-questions@freebsd.org Subject: Re: Routing problem 2nd public IP (using pptp) Message-ID: <20020426214948.A56548@k7.mavetju.org> In-Reply-To: <20020426125228.A15075@ei.bzerk.org>; from fbsd-q@bzerk.org on Fri, Apr 26, 2002 at 12:52:28PM %2B0200 References: <20020426125228.A15075@ei.bzerk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Apr 26, 2002 at 12:52:28PM +0200, Ruben de Groot wrote: > tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 > inet 213.84.67.7 --> 195.190.240.223 netmask 0xffffff00 > Opened by PID 575 > tun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 > inet 213.84.67.8 --> 195.190.240.223 netmask 0xffffff00 > Opened by PID 582 > > Looks ok, but I can only connect to the first (tun0) interface. > While pinging from another machine I let tcpdump listen on tun1: > > tcpdump: listening on tun1 > 12:21:49.427878 130.161.221.138 > 213.84.67.8: icmp: echo request (DF) > 12:21:50.422595 130.161.221.138 > 213.84.67.8: icmp: echo request (DF) > 12:21:51.422480 130.161.221.138 > 213.84.67.8: icmp: echo request (DF) > > So, packets coming in, but not going out. Meanwhile, on a terminal not > far away: > > tcpdump: listening on tun0 > 12:25:14.433293 213.84.67.8 > 130.161.221.138: icmp: echo reply (DF) > 12:25:15.430252 213.84.67.8 > 130.161.221.138: icmp: echo reply (DF) > 12:25:16.429940 213.84.67.8 > 130.161.221.138: icmp: echo reply (DF) > > So the echo-replies are leaving through interface tun0, with the IP > address of interface tun1. No wonder they never make it back. > > How can I make sure that packets will use the right interface? I believe > this is a routing problem, so here's > > mug# netstat -rn > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif Expire > default 195.190.240.223 UGSc 2 1185 tun0 > 127.0.0.1 127.0.0.1 UH 0 4 lo0 > 195.190.240.223 213.84.67.7 UH 3 0 tun0 You have to specify which hosts/networks you want to reach via tun0 and which ones via tun1. So if you want to send all traffic for 10.0.0.0/8 via tun1 and the rest via tun0: route add -net 10.0.0.0 255.0.0.0 -interface tun1 route add default -interface tun0 On the other hand, if you want to do load-balancing, use netgraph(4)(*) and ng_one2many(4)(8). Edwin (*) on which ones I have no experience, unfortunatly. -- Edwin Groothuis | Personal website: http://www.MavEtJu.org edwin@mavetju.org | Interested in MUDs? Visit Fatal Dimensions: bash$ :(){ :|:&};: | http://www.FatalDimensions.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020426214948.A56548>