Tuesday 31 October 2017

routing - What routes must be set (in Linux) to allow Internet access through given interface without setting it default?


I am trying to solve a task with routing and OpenVPN's configuration.


After setting the connection, I don't want it to become default route to anything, but rather want to use its interface for this kind of activity: curl --interface tun20 http://someaddress.


However, without default route configured, it seems that the host system is unable to send/receive packets (I think it can't receive them back from VPN, because the sniffer at someaddress somehow receives the tcp connection attempt packet which is never continued by data).


With default route set, VPN works OK - tested that.


ifconfig:


tun20     Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:10.200.2.236  P-t-P:10.200.2.236  Mask:255.255.252.0
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:2 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:258 (258.0 B)  TX bytes:0 (0.0 B)

With default route from server:


route -n:


Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.200.0.1      128.0.0.0       UG    0      0        0 tun20
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 wlan0
10.200.0.0      0.0.0.0         255.255.252.0   U     0      0        0 tun20
66.187.67.130   192.168.0.1     255.255.255.255 UGH   0      0        0 wlan0
128.0.0.0       10.200.0.1      128.0.0.0       UG    0      0        0 tun20
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0

When the default route is discarded by the route-nopull directive, I get this:


route -n:


Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 wlan0
10.200.0.0      0.0.0.0         255.255.252.0   U     0      0        0 tun20
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0



So I want routing/forwarding recommendations on bringing this to work.



Answer



That was a nice experience to learn. From https://superuser.com/a/374566/49318, I've found a link to something worth an hour of reading man ip and ip help:


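# Register routing table id 11 under the name mpdevtun7
echo 11 mpdevtun7 >> /etc/iproute2/rt_tables
# Give that table its own default route out of the tunnel device
ip route add default via %yourIP% dev tun7 table mpdevtun7
# Packets whose source address is %yourIP% consult that table
ip rule add from %yourIP% lookup mpdevtun7 prio 1000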

Now, curl --interface tun7 works fine. That's all, folks.
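
The answer's three commands as a rerunnable script, with a check of the resulting route selection. This is an added example, not part of the original post: it reads the tunnel address from the interface instead of using the %yourIP% placeholder, and the RT_TABLES and IP_CMD variables, the function names and the 192.0.2.1 sample destination are assumptions introduced here.

```shell
#!/bin/sh
# Added example, not from the original post. Table id 11 / name mpdevtun7 and
# "via <own tunnel IP>" follow the answer; RT_TABLES and IP_CMD are assumptions
# made overridable so the functions can be exercised without root.
RT_TABLES="${RT_TABLES:-/etc/iproute2/rt_tables}"
IP_CMD="${IP_CMD:-ip}"

# Print the first IPv4 address assigned to interface $1 (prefix length removed).
iface_addr() {
    $IP_CMD -4 -o addr show dev "$1" | awk '{sub(/\/.*/, "", $4); print $4; exit}'
}

# Register table name $2 with id $1 only once; a bare "echo >>" would append
# a duplicate line on every run.
ensure_table() {
    grep -Eq "^[[:space:]]*$1[[:space:]]+$2([[:space:]]|\$)" "$RT_TABLES" ||
        printf '%s %s\n' "$1" "$2" >> "$RT_TABLES"
}

# Source-based policy route: packets sent *from* address $2 consult table $3,
# whose only entry is a default route out of device $1.
setup_policy_route() {
    dev=$1 addr=$2 table=$3 prio=${4:-1000}
    $IP_CMD route replace default via "$addr" dev "$dev" table "$table"
    # Remove a stale copy of the rule first so reruns do not stack duplicates.
    $IP_CMD rule del from "$addr" lookup "$table" prio "$prio" 2>/dev/null || true
    $IP_CMD rule add from "$addr" lookup "$table" prio "$prio"
}

# Ask the kernel which route it would pick for a packet sourced from $2.
# 192.0.2.1 is a documentation address used only as a sample destination.
verify_policy_route() {
    $IP_CMD route get 192.0.2.1 from "$2" | grep -Eq "dev $1( |\$)"
}

# Usage (as root): sh policy-route.sh apply tun20
if [ "${1:-}" = "apply" ]; then
    a=$(iface_addr "$2")
    ensure_table 11 mpdevtun7 && setup_policy_route "$2" "$a" mpdevtun7 &&
        verify_policy_route "$2" "$a" && echo "ok: packets from $a leave via $2"
fi
```

The main routing table is left untouched, so traffic that is not sourced from the tunnel address keeps using the existing default route.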

