On Mon, Dec 04, 2006 at 10:19:13AM +0000, John Joseph wrote:
> I wanted advice on how to make all external traffic
> flow through the second interface (ppp0)

Hi John,

I tried to reformat your messy mail. Console copies should be subject
to automatic line breaking.

> [EMAIL PROTECTED] etc]# route
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref Use Iface
> 169.254.0.0     *               255.255.0.0     U     0      0   0   eth0
> 10.0.0.0        *               255.0.0.0       U     0      0   0   eth0
> default         10.0.0.1        0.0.0.0         UG    0      0   0   eth0
> [EMAIL PROTECTED] etc]#
>
> Now after connecting to the VPN
>
> [EMAIL PROTECTED] etc]# ifconfig
> eth0  Link encap:Ethernet HWaddr 00:0C:29:B7:E8:16
>       inet addr:10.0.0.13 Bcast:10.255.255.255 Mask:255.0.0.0
>       inet6 addr: fe80::20c:29ff:feb7:e816/64 Scope:Link
>       UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>       RX packets:14097 errors:0 dropped:0 overruns:0 frame:0
>       TX packets:4167 errors:0 dropped:0 overruns:0 carrier:0
>       collisions:0 txqueuelen:1000
>       RX bytes:1051161 (1.0 MiB) TX bytes:531339 (518.8 KiB)
>       Interrupt:10 Base address:0x1400
>
> lo    Link encap:Local Loopback
>       inet addr:127.0.0.1 Mask:255.0.0.0
>       inet6 addr: ::1/128 Scope:Host
>       UP LOOPBACK RUNNING MTU:16436 Metric:1
>       RX packets:8 errors:0 dropped:0 overruns:0 frame:0
>       TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
>       collisions:0 txqueuelen:0
>       RX bytes:560 (560.0 b) TX bytes:560 (560.0 b)
>
> ppp0  Link encap:Point-to-Point Protocol
>       inet addr:192.168.168.100 P-t-P:192.168.168.167
>       Mask:255.255.255.255
>       UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1410 Metric:1
>       RX packets:8 errors:0 dropped:0 overruns:0 frame:0
>       TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
>       collisions:0 txqueuelen:3
>       RX bytes:462 (462.0 b) TX bytes:468 (468.0 b)
>
>
> [EMAIL PROTECTED] etc]# route
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref Use Iface
> 192.168.168.167 *               255.255.255.255 UH    0      0   0   ppp0
> 169.254.0.0     *               255.255.0.0     U     0      0   0   eth0
> 10.0.0.0        *               255.0.0.0       U     0      0   0   eth0
> default         10.0.0.1        0.0.0.0         UG    0      0   0   eth0
> [EMAIL PROTECTED] etc]#
>
>
> at this stage , when I do ping -I 192.168.168.100
> outsideIP , I do not get reply
> but I get reply for ping -I 192.168.168.100 MyVPN
> serverIP address.
>
>
> In order to route the traffic through ppp0 , I did try
>
>
> route add default gw 192.168.168.167 ppp0
>
> which gives the route result as
> [EMAIL PROTECTED] etc]# route
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref Use Iface
> 192.168.168.167 *               255.255.255.255 UH    0      0   0   ppp0
> 169.254.0.0     *               255.255.0.0     U     0      0   0   eth0
> 10.0.0.0        *               255.0.0.0       U     0      0   0   eth0
> default         192.168.168.167 0.0.0.0         UG    0      0   0   ppp0
> default         10.0.0.1        0.0.0.0         UG    0      0   0   eth0
>
> After this stage also , my traffic gets routed through
> eth0 , not through ppp0
> My intention is to route all the traffic through ppp0
> , once the VPN connection is established.

The default route is a catch-all route and there should normally be no
more than one of them. But that doesn't directly apply to your problem.

Routing means you try the best match first. That means that the most
open routing netmask will be tried last. The routing table above
already shows the order in which the netaddress/netmask pairs will be
tested. As you see, the networks 192.168.168.167/32, 169.254.0.0/16 and
10.0.0.0/8 are tried before the default route.

One option would be to remove these routes when the VPN comes up. You
have to make sure, though, that the VPN gateway stays reachable; thus
you would add a route to your VPN gateway via gateway 10.0.0.1 in your
example.

The other and maybe more straightforward option is to place the stuff
in a different routing table. Read more on this in:

http://lartc.org/howto/
http://snafu.freedom.org/linux2.2/docs/advanced-routing/

You specifically want to look at the explanations for "ip rule" and
"ip route".

> Note:- My Dual boot XP gets connected and the traffic
> is routed through ppp0 by default.
> Guidance requested

I hope my notes help you to guide yourself.

Best regards,
Dirk.

-- 
Perl's grammar can not be reduced to BNF. The work of parsing perl is
distributed between yacc, the lexer, smoke and mirrors.
(Chaim Frenkel)
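
Added example, not part of the mail above or of any poster's own setup: a small Python model of the lookup order Dirk describes (most specific netmask first) combined with the separate-table option, applied to the main table quoted in the thread. The table number 100, the rule priority 1000 and the destination 198.51.100.7 are assumptions made for the illustration.

```python
import ipaddress

def lpm(table, dst):
    """Longest-prefix match: the most specific matching route wins."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in table if addr in ipaddress.ip_network(r["dst"])]
    return max(hits, key=lambda r: ipaddress.ip_network(r["dst"]).prefixlen,
               default=None)

def route(rules, tables, src, dst):
    """Walk the rules by priority; the first table holding a match decides."""
    for _prio, selector, name in sorted(rules):
        if ipaddress.ip_address(src) in ipaddress.ip_network(selector):
            hit = lpm(tables[name], dst)
            if hit is not None:
                return name, hit["dev"], hit["via"]
    return None

# Main table as quoted in the mail once ppp0 is up (single default via eth0).
MAIN = [
    {"dst": "192.168.168.167/32", "via": None, "dev": "ppp0"},
    {"dst": "169.254.0.0/16", "via": None, "dev": "eth0"},
    {"dst": "10.0.0.0/8", "via": None, "dev": "eth0"},
    {"dst": "0.0.0.0/0", "via": "10.0.0.1", "dev": "eth0"},
]
# Assumed extra table, as it would be filled by:
#   ip route add default via 192.168.168.167 dev ppp0 table 100
VPN = [{"dst": "0.0.0.0/0", "via": "192.168.168.167", "dev": "ppp0"}]
TABLES = {"main": MAIN, "100": VPN}

# Stock "main" rule only, then with the assumed rule:
#   ip rule add from 192.168.168.100 lookup 100 priority 1000
RULES_BEFORE = [(32766, "0.0.0.0/0", "main")]
RULES_AFTER = [(1000, "192.168.168.100/32", "100")] + RULES_BEFORE

OUTSIDE = "198.51.100.7"  # constructed documentation address

if __name__ == "__main__":
    for label, rules in (("before", RULES_BEFORE), ("after", RULES_AFTER)):
        for src in ("192.168.168.100", "10.0.0.13"):
            print(label, src, "->", route(rules, TABLES, src, OUTSIDE))
```

In the model, packets sourced from 10.0.0.13 (which includes the tunnel's own carrier traffic) still resolve through the main table and eth0, so the VPN server stays reachable without touching the existing routes.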
