Sorry, i dont understood: why the 2 ips (gmx.de; spiegel.de) a different routing? both are public ips with same scheme? why there a differnt handle by my routing table?
this server is a webserver. over tun0 comes traffic from internet. also: client -> rootserver (public ip) ---vpn------> server (tun0/10.8.0.6) i want that all traffic comes over tun0 goes back to tun0. Zitat von Selva Nair <selva.n...@gmail.com>: > On Mon, Dec 7, 2015 at 12:53 AM, Axel Glienke <a...@glienke.cc> wrote: > >> i have a little question. >> >> My system: >> >> ip route: >> 0.0.0.0/1 via 10.8.0.5 dev tun0 >> default via 192.168.2.1 dev br0 proto static metric 425 >> 10.8.0.1 via 10.8.0.5 dev tun0 >> 10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6 >> 88.198.140.127 via 192.168.2.1 dev br0 >> 192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.101 >> metric 425 >> 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 >> >> >> traceroute gmx.de >> traceroute to gmx.de (213.165.65.60), 30 hops max, 60 byte packets >> 1 Speedport.ip (192.168.2.1) 0.578 ms 0.662 ms 0.859 ms >> ^C >> [root@h1 ~]# traceroute spiegel.de >> traceroute to spiegel.de (62.138.116.3), 30 hops max, 60 byte packets >> 1 10.8.0.1 (10.8.0.1) 35.009 ms 34.982 ms 34.956 ms >> ^C >> >> Why the routing is different, in first case over br0 in second over >> the vpn device? >> >> > Because of this route in the routing table: > > 0.0.0.0/1 via 10.8.0.5 dev tun0 > > Remove it. > > I want, that only traffic, incoming over tun0 routing back over tun0.Is >> this possible with iptables/firewalld-cmd? >> > > If the only traffic coming in through tun0 is from 10.8.0.1, the 2 routes > to 10.8.0.x will take care of that. If there are other hosts to be reached > through the tunnel, additional routes will be needed. > > Selva Grüße Axel ------------------------------------------------------------------------------ Go from Idea to Many App Stores Faster with Intel(R) XDK Give your users amazing mobile app experiences with Intel(R) XDK. Use one codebase in this all-in-one HTML5 development environment. Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs. http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140 _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users