routing thru tinc

[Ramses]

El 07/07/2011, a las 13:32, Guus Sliepen <guus at tinc-vpn.org> escribió:

> On Thu, Jul 07, 2011 at 01:09:00PM +0200, Loic Dachary wrote:
> 
>> I setup tinc on two hosts with IP 192.168.200.102 on the first and IP
>> 192.168.200.101 on the second. And it works. Now I would like to route
>> packets thru 192.168.200.101 from 192.168.200.102 by adding the
>> following route:
>> 
>> ip route add 10.10.70.0/24 via 192.168.200.101 dev TINCDEVICE
> 
> Gateway routes do not work as you expect in router mode. The above is
> equivalent to the same command without the via part:
> 
> ip route add 10.10.70.0/24 dev TINCDEVICE
> 
> You can either use Mode = switch, in which case the gateway route will work as
> you intended, or you can keep using router mode, but then you have to add
> "Subnet = 10.10.70.0/24" to hosts/name_of_second_node, so that tinc will know
> that packets with addresses in that Subnet have to be sent to the second node.
> 
>> However, when I ping 10.10.70.254 from 192.168.200.102, I see the packet
>> being sent to TINCDEVICE (tcmpdump)
>> 
>> 13:04:17.675440 IP 192.168.200.102 > 10.10.70.254: ICMP echo request, id
>> 6201, seq 1, length 64
> 
> You can see in the tcpdump that there is no mention of "192.168.200.101" in
> that packet. The only effect a via statement has is on Ethernet networks, where
> ARP will be used to find which MAC address belongs to the gateway address, and
> then packets will be sent to that MAC address. Still, it went to the right
> interface.
> 
>> 13:04:17.675467 IP 10.10.70.254 > 192.168.200.102: ICMP net 10.10.70.254
>> unreachable - unknown, length 92
> 
> This is tinc complaining it doesn't know about 10.10.70.254.
> 
> I hope this helps.

And verify that:

# Enables packet forwarding
net.ipv4.ip_forward = 1


Enviado desde mi Móvil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20110707/8cb3efac/attachment.html>