Hi Guus,<div><br></div><div>Thank you for the information, I need to brush up on my Linux routing information, as it is apparently not the same as Cisco :). Unfortunately I am still not getting any traffic to traverse the VPN. </div>
<div><br></div><div><br><div class="gmail_quote">On Sat, Sep 15, 2012 at 7:23 AM, Guus Sliepen <span dir="ltr">&lt;<a href="mailto:guus@tinc-vpn.org" target="_blank">guus@tinc-vpn.org</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">The response "Destination Net Unknown" means that tinc does not know where to</div>
send packets with IP address 192.168.1.2 to. <br></blockquote><div><br></div><div>I thought that since my route table had an entry for the entire 192.168.0.0/16 subnet from the tinc-up script it would not need a more specific route. Does this route not tell the server to send the traffic over the tunnel interface? </div>
<div><span style="color:rgb(34,34,34);font-family:'courier new',monospace;font-size:13px;background-color:rgb(255,255,255)">192.168.0.0 * 255.255.0.0 U 0 0 0 tun0</span>
</div><div><span style="color:rgb(34,34,34);font-family:'courier new',monospace;font-size:13px;background-color:rgb(255,255,255)"><br></span></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
You should add "Subnet = 192.168.1.1" to hosts/server1, and "Subnet =<br>
192.168.1.2" to hosts/client1. Then the ping command should work.<br></blockquote><div><br></div><div>I tried adding this to each host file but have not noted any difference.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Alternatively, you can use "Mode = switch" in tinc.conf and omit all the Subnet<br>
statements.<br>
<br></blockquote><div>Indeed this does work. However, I would rather not use switch mode as I would like to limit the broadcast domain and be able to set firewall rules on traffic if necessary.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I suggest the following configuration:<br>
<br>
hosts/server1:<br>
<br>
Address = 1.1.1.1<br>
Subnet = 10.18.73.0/24<br>
<br>
server1's tinc-up:<br>
<br>
#!/bin/sh<br>
ifconfig $INTERFACE 10.18.73.23 netmask 255.0.0.0<br>
<br>
hosts/client1:<br>
<br>
Subnet = 10.0.2.0/24<br>
<br>
client1's tinc-up:<br>
<br>
#!/bin/sh<br>
ifconfig $INTERFACE 10.0.2.15 netmask 255.0.0.0<br>
<br>
That way, you should be able to ping 10.0.2.15 directly from the server.<br>
<br></blockquote><div>I did not realize that the same IP address can be used on multiple interfaces. Unfortunately this does not work either. </div><div><br></div>
<div>What I have noticed in the logs is that I both send and receive the ADD_SUBNET statements for each of the subnets in my host config files, but I don't see any change on the route tables. Shouldn't I be able to see a route in my route table for each of the routes that is added? Is there something I may be doing wrong with how it starts that is preventing it from making entries in the route table?</div>
<div><br></div><div>Thanks for your help,</div><div>Ryan</div></div></div>
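<div>An added example, not part of the original message and not tinc's own code: a simplified Python model of the two separate lookups this thread turns on, the kernel route that hands a packet to tun0 and the lookup over <code>Subnet</code> declarations that the quoted reply says tinc needs before it knows where to send the packet. Host names, addresses and subnets are the ones quoted in the thread; the function names, the longest-prefix-match rule and the "no Subnet declared" starting state are assumptions of the model.</div>

```python
import ipaddress

def longest_match(table, dst):
    """Return the value of the most specific prefix in `table` that contains dst, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, value in table:
        net = ipaddress.ip_network(prefix, strict=False)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, value)
    return best[1] if best else None

def forward(kernel_routes, tinc_subnets, dst):
    """Model of router mode: the kernel picks an interface, then the VPN daemon picks an owner node."""
    iface = longest_match(kernel_routes, dst)
    if iface != "tun0":
        return f"kernel: {iface or 'no route'}"
    # The packet reached the tunnel device; the daemon now needs a Subnet that covers dst.
    owner = longest_match(tinc_subnets, dst)
    return f"tinc -> {owner}" if owner else "tinc: Destination Net Unknown"

# Kernel route from the message: 192.168.0.0/16 via tun0.
KERNEL = [("192.168.0.0/16", "tun0")]
# Assumed starting state: no Subnet statement covers 192.168.1.2.
NO_SUBNETS = []
# First suggestion in the quoted reply: one Subnet per host file.
HOST_SUBNETS = [("192.168.1.1", "server1"), ("192.168.1.2", "client1")]
# Second suggestion: netmask 255.0.0.0 on the tunnel, /24 Subnets per node.
SUGGESTED_KERNEL = [("10.0.0.0/8", "tun0")]
SUGGESTED_SUBNETS = [("10.18.73.0/24", "server1"), ("10.0.2.0/24", "client1")]

if __name__ == "__main__":
    cases = [
        (KERNEL, NO_SUBNETS, "192.168.1.2"),
        (KERNEL, HOST_SUBNETS, "192.168.1.2"),
        (SUGGESTED_KERNEL, SUGGESTED_SUBNETS, "10.0.2.15"),
        (SUGGESTED_KERNEL, SUGGESTED_SUBNETS, "10.9.9.9"),
    ]
    for routes, subnets, dst in cases:
        print(dst, "=>", forward(routes, subnets, dst))
```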