Sorry, i dont understood:
why the 2 ips (gmx.de; spiegel.de) a different routing? both are  
public ips with same scheme? why there a differnt handle by my routing  
table?


this server is a webserver. over tun0 comes traffic from internet.
also: client -> rootserver (public ip) ---vpn------> server (tun0/10.8.0.6)
i want that all traffic comes over tun0 goes back to tun0.




Zitat von Selva Nair <selva.n...@gmail.com>:

> On Mon, Dec 7, 2015 at 12:53 AM, Axel Glienke <a...@glienke.cc> wrote:
>
>> i have a little question.
>>
>> My system:
>>
>> ip route:
>> 0.0.0.0/1 via 10.8.0.5 dev tun0
>> default via 192.168.2.1 dev br0  proto static  metric 425
>> 10.8.0.1 via 10.8.0.5 dev tun0
>> 10.8.0.5 dev tun0  proto kernel  scope link  src 10.8.0.6
>> 88.198.140.127 via 192.168.2.1 dev br0
>> 192.168.2.0/24 dev br0  proto kernel  scope link  src 192.168.2.101
>> metric 425
>> 192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1
>>
>>
>> traceroute gmx.de
>> traceroute to gmx.de (213.165.65.60), 30 hops max, 60 byte packets
>>   1  Speedport.ip (192.168.2.1)  0.578 ms  0.662 ms  0.859 ms
>> ^C
>> [root@h1 ~]# traceroute spiegel.de
>> traceroute to spiegel.de (62.138.116.3), 30 hops max, 60 byte packets
>>   1  10.8.0.1 (10.8.0.1)  35.009 ms  34.982 ms  34.956 ms
>> ^C
>>
>> Why the routing is different, in first case over br0 in second over
>> the vpn device?
>>
>>
> Because of this route in the routing table:
>
> 0.0.0.0/1 via 10.8.0.5 dev tun0
>
> Remove it.
>
> I want, that only traffic, incoming over tun0 routing back over tun0.Is
>> this possible with iptables/firewalld-cmd?
>>
>
> If the only traffic coming in through tun0 is from 10.8.0.1, the 2 routes
> to 10.8.0.x will take care of that. If there are other hosts to be reached
> through the tunnel, additional routes will be needed.
>
> Selva



Grüße

Axel


------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to