workaround to use tinc as default gateway
shikkc
shikkc at kirktis.net
Mon Apr 13 02:46:09 CEST 2015
On 2015-04-11 21:16, kyler-keyword-tinc.0fe9e4 at lairds.com wrote:
> Here's a brief demo, using 76.54.32.1 as the VPN's gateway which I'm trying
> to use in the VPN table, 201.
>
> # sh -x /tmp/route.sh
> + ifconfig tap0 192.168.1.100 netmask 255.255.255.0 up
> + ip route add 76.54.32.1 dev tap0 table 201
> + ip route add default via 76.54.32.1 table 201
> RTNETLINK answers: No such process
> + ip route add 76.54.32.1 dev tap0 table main
> + ip route add default via 76.54.32.1 table 201
> + ip route show table 201
> 76.54.32.1 dev tap0 scope link
> default via 76.54.32.1 dev tap0
> + ip route del 76.54.32.1 dev tap0 table main
> + ip route show table 201
> 76.54.32.1 dev tap0 scope link
> default via 76.54.32.1 dev tap0
>
> I welcome suggestions for making this cleaner.

Multiple tables are definitely the right way to do this if you have the
option! Your example is a little unclear - I'm not sure if you are running
these commands on the 'gateway' machine or on 'client' machines.

The simplest choice I find is to do this in two places. One in the subnet
script for your gateway, and one in the general host script. I've called your
gateway machine 'gateway' here. Likewise, GATEWAY_VPN_ADDRESS is not a
variable, but needs to be replaced with your gateway's internal address on
the VPN (not the outward facing interface). These examples are, of course,
simplified and you should do some modifications to suit, especially if I've
misunderstood your example :)

host-up:

#!/bin/sh
ip route add throw ${REMOTEADDRESS}/32 table 201

host-down:

#!/bin/sh
ip route del throw ${REMOTEADDRESS}/32 table 201

gateway-up:

#!/bin/sh
ip route add 0.0.0.0/0 via GATEWAY_VPN_ADDRESS table 201

gateway-down:

#!/bin/sh
ip route del 0.0.0.0/0 via GATEWAY_VPN_ADDRESS table 201

--
-shikkc
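
Added example, not part of the original post or of tinc itself: a combined host-up/host-down script for the throw-route approach described above that checks REMOTEADDRESS before handing it to ip as root, and uses /128 instead of /32 when the peer's real address is IPv6. It assumes an `ip rule` already sends traffic to table 201; DRY_RUN and the function names are hypothetical to this example.

```shell
#!/bin/sh
# Added example, not from the original post. Install as host-up and symlink
# host-down to it; tincd exports REMOTEADDRESS (the peer's real address).
TABLE=201   # VPN routing table number used in this thread

# Print "<addr>/<len>" for a plain IPv4 or IPv6 literal, else fail.
# This is a character-level sanity check; ip(8) does the final parsing.
peer_prefix() {
    case "$1" in
        ''|*[!0-9A-Fa-f:.]*) return 1 ;;    # empty, or shell/whitespace chars
        *:*)       printf '%s/128' "$1" ;;  # IPv6 peer needs /128, not /32
        *[!0-9.]*) return 1 ;;              # hex letters without a colon
        *.*.*.*)   printf '%s/32' "$1" ;;   # IPv4 peer
        *)         return 1 ;;
    esac
}

# Print the ip(8) command for action "add" (host-up) or "del" (host-down).
throw_cmd() {
    prefix=$(peer_prefix "$2") || return 1
    case "$prefix" in */128) fam=-6 ;; *) fam=-4 ;; esac
    case "$1" in
        # "replace" keeps host-up idempotent if the route already exists
        add) printf 'ip %s route replace throw %s table %s' "$fam" "$prefix" "$TABLE" ;;
        del) printf 'ip %s route del throw %s table %s' "$fam" "$prefix" "$TABLE" ;;
        *)   return 1 ;;
    esac
}

# Run (or, with the hypothetical DRY_RUN=1, only print) the command.
run() {
    cmd=$(throw_cmd "$1" "${REMOTEADDRESS:-}") || {
        echo "refusing REMOTEADDRESS='${REMOTEADDRESS:-}'" >&2
        return 1
    }
    if [ -n "${DRY_RUN:-}" ]; then echo "$cmd"; else $cmd; fi
}

# Act only when invoked under tinc's script names.
case "${0##*/}" in
    host-up)   run add ;;
    host-down) run del ;;
esac
```

Running it with DRY_RUN=1 set prints the route command without changing table 201, which is a quick way to check what each peer would install.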